Trojaner-Board - 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - 50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix (https://www.trojaner-board.de/110210-50-virus-malwarebytes-bereits-durchgelaufen-objekte-geloescht-funktioniert-immer-noch-nix.html)

50€ Virus, Malwarebytes bereits durchgelaufen,Objekte gelöscht funktioniert immer noch nix

Hallo ihr lieben.

Ich habe bereits den großteil heute in eurem Forum verbracht.Wie bereits oben geschrieben, habe ich mir den 50€ Virus eingefangen. Ich habe den Malwarebytes bereits durchlaufen lassen und die bestehenden Objekte gelöscht. Als ich aber wieder nach dem Neustart wieder ganz normal mit dem Laptop arbeiten wollte, kam immer noch die tolle schwarz-rot-gold Meldung.
Was kann ich noch tun? Bitte helft mir!
Ich habe nämlich nicht wirklich Ahnung von PC und co. Bitte eine idiotensichere Hilfestellung....
Vielen Dank! :dankeschoen:

hi,
1. neustarten, f8 drücken abgesicherter modus mit netzwerk wählen.
2. malwarebytes öffnen, logdateien, ergebnisse posten.
3.
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die http://larusso.trojaner-board.de/Images/otlfix.jpg
Textbox.

Code:

activex

netsvcs

msconfig

%SYSTEMDRIVE%\*.

%PROGRAMFILES%\*.exe

%LOCALAPPDATA%\*.exe

%systemroot%\*. /mp /s

/md5start

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

explorer.exe

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\*.dll /lockedfiles

%USERPROFILE%\*.*

%USERPROFILE%\Local Settings\Temp\*.exe

%USERPROFILE%\Local Settings\Temp\*.dll

%USERPROFILE%\Application Data\*.exe

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

alwarebytes Anti-Malware (Test) 1.60.1.1000
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.02.20.01

Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
ProMarkt :: PROMARKT-PC [Administrator]

Schutz: Deaktiviert

20.02.2012 13:22:57
mbam-log-2012-02-20 (13-22-57).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 523645
Laufzeit: 1 Stunde(n), 55 Minute(n), 30 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 2
C:\Program Files\MyWebSearch\bar\3.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Löschen bei Neustart.
C:\Program Files\GamingWonderland\bar\1.bin\gtSrcAs.dll (Adware.MyWebSearch) -> Löschen bei Neustart.

Infizierte Registrierungsschlüssel: 237
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKCR\FunWebProducts.DataControl.1 (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKCR\FunWebProducts.DataControl (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.FunWebProducts) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094

2012/02/20 15:22:00 +0100 PROMARKT-PC ProMarkt MESSAGE Executing scheduled update: Daily
2012/02/20 15:22:09 +0100 PROMARKT-PC ProMarkt MESSAGE Scheduled update executed successfully: database updated from version v2012.02.20.01 to version v2012.02.20.02
2012/02/20 15:23:14 +0100 PROMARKT-PC ProMarkt MESSAGE Starting protection
2012/02/20 15:23:17 +0100 PROMARKT-PC ProMarkt MESSAGE Protection started successfully
2012/02/20 15:23:20 +0100 PROMARKT-PC ProMarkt MESSAGE Starting IP protection
2012/02/20 15:23:25 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection started successfully
2012/02/20 15:23:25 +0100 PROMARKT-PC ProMarkt MESSAGE Starting database refresh
2012/02/20 15:23:25 +0100 PROMARKT-PC ProMarkt MESSAGE Stopping IP protection
2012/02/20 15:23:27 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection stopped
2012/02/20 15:23:30 +0100 PROMARKT-PC ProMarkt MESSAGE Database refreshed successfully
2012/02/20 15:23:31 +0100 PROMARKT-PC ProMarkt MESSAGE Starting IP protection
2012/02/20 15:23:35 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection started successfully
2012/02/20 15:41:40 +0100 PROMARKT-PC ProMarkt MESSAGE Starting protection
2012/02/20 15:41:43 +0100 PROMARKT-PC ProMarkt MESSAGE Protection started successfully
2012/02/20 15:41:46 +0100 PROMARKT-PC ProMarkt MESSAGE Starting IP protection
2012/02/20 15:41:51 +0100 PROMARKT-PC ProMarkt MESSAGE IP Protection started successfully

so dass sind schon mal diese Lod-Dateien.Ich lad mir jetzt diesen Oldtimer runter.

so hier jetzt die OTL.TxT Datei

OTL logfile created on: 20.02.2012 16:16:46 - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\ProMarkt\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free
6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS

Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --
PRC - [2012.02.07 13:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012.01.21 10:12:14 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

========== Modules (No Company Name) ==========

MOD - [2012.02.14 20:57:36 | 000,076,800 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCoreGecko9.dll
MOD - [2012.01.21 10:12:14 | 002,124,760 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011.12.12 13:40:04 | 008,527,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
MOD - [2007.06.15 18:28:36 | 000,147,456 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt.dll
MOD - [2007.06.02 01:08:18 | 000,143,360 | ---- | M] () -- C:\Program Files\ASUS\ASUS Data Security Manager\ShlExt\x86\OverlayIconShlExt1.dll

und die Extras-Txt.:
OTL Extras logfile created on: 20.02.2012 16:16:46 - Run 1
OTL by OldTimer - Version 3.2.33.1 Folder = C:\Users\ProMarkt\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free
6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS
Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS

Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

das sieht irgendwie unvollständig aus,
poste die logs noch mal bitte

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 20.02.2012 16:16:46 - Run 1

OTL by OldTimer - Version 3.2.33.1     Folder = C:\Users\ProMarkt\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free

6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS

Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS

 

Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02DAB8F7-2498-4CC1-91F3-AFD2B2E4782F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{20A5C5DA-EB9E-479F-BF64-24FDAC295AF6}" = rport=138 | protocol=17 | dir=out | app=system | 

"{23D379B7-EEF2-4632-BA1F-3D1A60338CE6}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{2B0E0A74-A19F-4944-A4B1-33A7DAE6C1AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{31D0DCB8-819E-4073-8E4B-37F5D3D121CE}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{34790652-788B-4285-A1FE-C849A4C4EBF8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{5CF9C06D-C484-4A3D-9BB0-B376443979FB}" = lport=139 | protocol=6 | dir=in | app=system | 

"{65283B25-86FA-48C2-BAFC-BA081087F8DA}" = rport=137 | protocol=17 | dir=out | app=system | 

"{6AB1A956-D6A2-4E59-97E9-9FA914FE6DC4}" = lport=445 | protocol=6 | dir=in | app=system | 

"{6D8130F7-AABA-408C-979E-EA403FAF8E3B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{6E4897E4-0389-4C68-8C44-EBE0AE05FDA0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{7A3E05D2-FFE0-4A1C-A5C7-C7110171220B}" = rport=445 | protocol=6 | dir=out | app=system | 

"{7C7BEA30-2D39-4D11-895A-52EC00306236}" = lport=137 | protocol=17 | dir=in | app=system | 

"{8CC79FA7-1E5E-4839-8781-61B34DA6C635}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{8FA544CD-BE52-455B-9352-A7782BD4DC1C}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{9BE45BE5-4840-4C5D-9A9B-1DFFBF40500C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 

"{B6711F87-19DF-4C0E-9E51-43219754C3D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{BB55D5AC-A1E0-4EA4-947E-CD0CDFD51E39}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 

"{BCB9C679-75D9-4FBE-954A-3842018D3D64}" = rport=139 | protocol=6 | dir=out | app=system | 

"{C81C1B58-F72D-4BFC-80F9-CECE270F4FDB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D3CF8E4C-47CD-4E4C-B6A3-E4BB3AF71A01}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{D640AA19-70B8-4EA8-93D5-F1BAC175516D}" = lport=138 | protocol=17 | dir=in | app=system | 

"{D90FB387-61C7-4FAD-8246-B1E0135033F0}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{E64AB04F-3747-48C6-AC3C-8CF59BC11C53}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{F9138026-2C89-49EE-A214-D2A1E4A817BF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{022EF97B-5F85-4C19-8EE5-B8EFB9D4B1DA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{02C1B8B9-221B-46AB-9B5C-540D708B178F}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe | 

"{0370BD5E-B0AF-4F78-A4D6-9214A21CB6CE}" = protocol=6 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe | 

"{04268B23-C847-4E72-A157-60103B8D4F02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{08B88178-DB22-48AE-87C8-D559A4F7BF07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{095F2DA3-80F9-4537-B8C3-ED6A21894140}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{10639845-8177-49F3-996B-6E3B8D41B4F8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{16B95E55-E9FC-44C1-A21F-0F618C88CDE5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{19495C47-BE96-4A13-92F9-D5364AF0DCF1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{1CEA12EF-C4E9-4A55-B352-93DA9618CB99}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 

"{1E3A6BEA-978F-4722-9561-F0668E465991}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{1EF501BA-6AAA-415F-BED4-5E2CAB1C46F7}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{21156917-730D-47EA-A749-7D5670503EDA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{23A27F83-0D31-4534-9A76-E87E8D252482}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 

"{2583223A-0718-480C-9E6F-8D4FCA1D5005}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{2B73ED2E-ABE3-42FE-9BFC-25A1896DF625}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe | 

"{325C9D50-9BB1-43D6-B6B2-E6438185F96B}" = dir=in | app=e:\setup\hpznui01.exe | 

"{34F1C6AA-65F8-4CFE-8365-6E77236090D8}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe | 

"{3A248AC8-8B60-4552-86F4-E936EF4C4B96}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{3EC7A865-5CD5-4465-ABD2-9E0EF0B0B934}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 

"{40F2DAA3-93F6-4604-9C54-80AA7493862D}" = protocol=17 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe | 

"{44A20107-13FD-4874-89C3-5EE178434513}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{4CA4991C-6B3A-44C2-B620-C39E82B5DBAF}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe | 

"{555A893E-FDF2-4317-BFA8-665946763BC8}" = protocol=6 | dir=out | app=system | 

"{5816B92A-2E89-48BC-841B-7EB6F4DB4C4F}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{5C9D91D1-40A0-4A68-8473-43B4E4F1B637}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 

"{5CEEDEF3-F127-4D34-B08C-FE9852021697}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 

"{5D4B36F6-D572-48FD-B032-48137B4FE23A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe | 

"{63962F54-74EB-4384-BD28-ACCDD6255C5E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{63F7DC3E-C7B6-4576-ACBF-5D5ABBDB6F7E}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 

"{69F0AFA1-010C-41A4-B5B8-DF7D48116C0D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 

"{6F25D84B-F0D6-47C9-8246-4F161594CA77}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{705E6D35-48FF-4252-BB42-80C6FC0111F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{73BD1927-8439-49A7-B345-997ED83A1122}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 

"{74D33E81-4C09-491F-9876-08B0BA200C7E}" = dir=in | app=c:\program files\itunes\itunes.exe | 

"{78A582DB-FFF5-487A-A48B-9B919EB84705}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe | 

"{795E5D3E-56A1-469A-9B3A-89E52817D535}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{7B4BD0CA-50CA-44B4-93A6-C5B64496DCFB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{8025C76D-E90A-453A-AF22-73E1D18561D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{82C655CC-30DD-4C39-8AF3-6E56F03469B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{83EFE8DA-8C7B-44D0-ADAD-B6F8DEAD5DA2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{847E1B7F-36A7-4D38-875C-F427A36A705F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 

"{869B4F14-AB44-429B-BD01-99EF89DB640F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{89CDE994-D4F8-4CF9-9EF2-AAF163CF8248}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{8D2A95AF-3D82-4211-8973-65616543EEDD}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{8F16B1E7-AE4D-4C9C-BAAC-9E51A793C3C3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{9CC2F7D1-6037-4615-90D1-5C912A338863}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{A3008DBD-41C8-41A2-9C7F-2329F3B95DA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{A517C3DA-65EA-48A9-A9E8-2DE69B9D0D86}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 

"{ADC028AF-7DFC-4B66-B79B-7D8E0EE325E1}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{BAD62B64-FC49-48C5-BDD9-524EB6B6B59B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe | 

"{BB0C0896-E775-4FB8-9064-590E5320A637}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{BC51C0DA-2477-48AA-8FC8-81124A1E4F1E}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{BC853D97-08B9-4586-9C43-DFA3C33392F6}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 

"{C0541715-F39B-49DB-B10A-1A98A97FBBA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{CD168752-FF31-49A6-9642-43CFF3604F8A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 

"{CE59635E-0C5C-465B-8B6B-E210C46F4027}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 

"{D4043BB7-E6E8-4353-8ECF-C681E9414180}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 

"{D48400D1-A452-447E-8C56-51C39CBB38B3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe | 

"{D6C20B96-A7E5-4D41-BB65-8BDDBA63895E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{DE434559-6B73-4579-9337-7D96FACAC8B9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 

"{E8CFAEEE-E28F-4ED4-9C9A-690429F35CE3}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{EA2AB6F6-D385-4F1F-A5BA-DAB4210751C0}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{ECC0E031-7E87-45F5-A5F8-9ECF26EA4B73}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 

"{F12BF12D-1359-4BA5-A4AE-21B0F639DEDE}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe | 

"{F217BB12-3012-4973-A266-6F3936724FE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{F2C6065F-CB6F-42F9-873D-139BB74FC505}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe | 

"{F31BA15B-E47E-4CD2-9138-26F49E183C79}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{F7C7DF0C-DE83-49CC-AAD3-364482A75374}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 

"{F808A2E2-9E57-4128-8C93-A01AABADABFE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 

"TCP Query User{2E10178D-5EBA-44C9-AD5A-9366393EA43A}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"TCP Query User{4A38F161-D678-4318-BBCE-1ECF809BD066}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"TCP Query User{5057036A-FCAD-4108-9FE6-44CBEDBBEAD2}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 

"TCP Query User{54D41A2D-05BC-4B30-A956-B9D5DA55AA07}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 

"TCP Query User{5F63B3AC-2FAA-4ABC-BA71-A76DA10A5444}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"TCP Query User{8DA1BF8B-1D86-4ADD-9EC8-B32D2DDEF3F8}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe | 

"TCP Query User{9E205BE3-1A54-49B9-B6D9-3D77E290D760}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=6 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe | 

"TCP Query User{A320ABF8-3945-4CAA-AAEF-FF9662B592D1}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | 

"TCP Query User{A81A1FE5-96A9-45EB-A04E-03C85F850FE6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"TCP Query User{E10C278F-2A1E-4308-BC93-CC1B14B00985}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 

"TCP Query User{F1024B5E-3CBA-497C-9CF3-EE33B439444A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 

"UDP Query User{0F06F252-F68A-4F17-A3E4-61A8278AA0E5}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 

"UDP Query User{37345880-D1F4-43AA-9E27-8429ADBD73AD}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 

"UDP Query User{3ADBB293-033D-449E-86C0-D9CC14C5FDCB}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 

"UDP Query User{3ADEAE7F-A8A2-41A6-89A1-8C21121BD4A0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 

"UDP Query User{3B471DAC-9DD3-4D5C-B611-13564A2F036B}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=17 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe | 

"UDP Query User{4D906713-D34E-4859-B938-1018C6D57D79}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"UDP Query User{57D31400-75FF-4746-B9FC-AE5B1DE16940}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"UDP Query User{61B3C153-5CEB-47CD-B21F-0620EBAF41E1}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"UDP Query User{CBC23B42-9538-4058-98B7-BAC9DF8FEBB2}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"UDP Query User{CF929AE1-7C52-433F-950A-B13A59CB63F2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | 

"UDP Query User{EB111ED2-1147-4942-89A4-AA73C6B55896}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources

"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos

"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker

"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery

"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant

"{17B3A135-BAA4-1953-AEDF-1496A5159E2A}" = CCC Help French

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{206262A9-1646-7014-22A0-41945D93426C}" = CCC Help Dutch

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2677066A-6ACC-8B1B-82C0-7311ED12D73A}" = CCC Help Turkish

"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26

"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22

"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program

"{29164718-5C73-D67E-8A3F-A00220D98818}" = CCC Help Portuguese

"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player

"{2DA0C980-2ACE-3F81-0306-131F70BD751B}" = Catalyst Control Center Core Implementation

"{2E1AC6B8-F779-F3D3-3683-E0240D576917}" = CCC Help Italian

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{30FDAACF-C49B-5AE6-2AA9-2C050F929B37}" = CCC Help Hungarian

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{3460BCDC-B45D-84A7-C8ED-C5041B8E2A2B}" = CCC Help English

"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine

"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective

"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources

"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module

"{402BFE8F-E223-4215-BCCE-7634FB202909}" = Journey of Hope

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{44580BA8-245A-814D-BD25-7EA6FACD5DDC}" = CCC Help Russian

"{47C7E3C7-1E38-85DB-887D-F9FF84F2086A}" = CCC Help Chinese Standard

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A11948E-8521-43B8-BBBD-5C24B804F0A3}" = Samsung PC Studio 3

"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound

"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety

"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio

"{566F3EB2-C09A-F090-F573-169C42E7E381}" = Catalyst Control Center Graphics Full Existing

"{567C654B-7FE9-4970-8323-56E8191D1941}" = ASUS FancyStart

"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync

"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7

"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status

"{5C97698A-FAB5-41DB-ADB0-5FCB2BC84588}" = InternetExplorer-GMX-Addon

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{62CA4D04-7DC8-7ED6-7AE4-833A79AE2DF9}" = Catalyst Control Center Graphics Full New

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{655E04FB-E875-4668-D05A-A3CED767DFF8}" = CCC Help Korean

"{656C519D-C82C-F7E0-93CE-087D5CA75AEA}" = ccc-core-static

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti

"{7099D2EB-872E-5163-3F00-A893AC905042}" = CCC Help Japanese

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72E84495-D53C-07FB-76D0-4DD11E710882}" = Catalyst Control Center Localization All

"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security

"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey

"{806C9880-B087-B336-A86A-5E7E4DB95C39}" = CCC Help Norwegian

"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113219527}" = Gemsweeper

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119633810}" = Club Der Ermittlerinnen - 4 Kleine dunkle Lügen

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119974283}" = Jar of Marbles

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119988867}" = Fear for Sale - Mystery of McInroy Manor

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005202}" = Magical Mysteries

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005245}" = Jewel Match 3

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005390}" = The Agency of Anomalies

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005401}" = Dream Woods 2

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert

"{847378DE-A6F2-4D63-ADA5-FE90496222D5}" = O&O CleverCache

"{85916CB0-4F79-4672-9E74-2F08B8A7157F}" = Das Seelenschiff

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007

"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007

"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007

"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007

"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007

"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007

"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007

"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007

"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007

"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007

"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007

"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007

"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007

"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007

"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007

"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110

"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter

"{A460F932-27CF-76F6-A291-8C4F7337EFE9}" = CCC Help Spanish

"{A48A1D1C-307A-46F9-983E-9762863D15F1}" = GMX Toolbar MSVC100 CRT x86

"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB429542-1E9D-7479-7ED4-B6D0B5C237E7}" = CCC Help Czech

"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply

"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B32ECB8E-4532-FD59-02C4-CB0B8F90F68D}" = CCC Help Swedish

"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support

"{B61F7104-884B-D57D-1626-DE5AD5674B51}" = Skins

"{B7606E5A-5D01-789F-F5E1-39D78F04854C}" = Catalyst Control Center Graphics Previews Vista

"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver

"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater

"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module

"{BB1E1B48-6136-1887-7307-2D9414009516}" = CCC Help Thai

"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2

"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter

"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{BFDAC740-3ACD-50A5-6259-F14FA93C86A5}" = ccc-utility

"{C0AE3E60-6003-AF6F-BF8A-B2829480D39D}" = CCC Help Greek

"{C1DFFC18-D91D-0481-0003-5B968F09AFDF}" = CCC Help Chinese Traditional

"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3

"{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C92877A9-9294-334C-0AEB-A1CCA8905FC6}" = CCC Help Finnish

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget

"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour

"{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi

"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media

"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch

"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D463B523-2F2F-A82D-B980-01C9AD578580}" = CCC Help Danish

"{D7385800-AE69-7527-1615-7DFDC02DF55A}" = Catalyst Control Center Graphics Light

"{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}" = Nokia Software Updater

"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader

"{DB7752E0-D5F8-93DA-7C34-3CD8ECB123B5}" = CCC Help Polish

"{DBE1E170-3EF6-AAA5-32C4-A78D98DF86A1}" = ATI Catalyst Install Manager

"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update

"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer

"{E59AA04C-67BC-C6F8-E8B9-A9E103E3F49B}" = CCC Help German

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}" = Die Sims - Complete Collection

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm

"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager

"{FC3D5BBB-CDF6-252C-2212-06D61AD2C628}" = Catalyst Control Center InstallProxy

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"04d1a5ee752ea0bba32187facb004bdc" = The Magician's Handbook - Cursed Valley

"0f39ccaa11c9cd1f89baf152791761e4" = G.H.O.S.T. Hunters

"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung

"1&1 Mail & Media GmbH Toolbar FF" = GMX Toolbar für Mozilla Firefox

"1&1 Mail & Media GmbH Toolbar IE8" = GMX Toolbar für Internet Explorer

"14d282e311142e19fed42f537b66812d" = Golden Trails - The New Western Rush

"20 days to find Amy_is1" = 20 days to find Amy

"3579ddfd54c5f785ab5b7ad236e820d2" = Golden Trails 2 - The Lost Legacy

"37e10e4eaf44e0b4f634b76a940b6c2d" = A Gypsy's Tale - The Tower of Secrets

"3d6591571f4d1f2816b51fa639cc3064" = Adventure Chronicles

"3d6a0fd7d50d9d5415e8469c14994675" = Campfire Legends - The Last Act Premium Edition

"422f8c51dc38c8f457f34177464aa4cd" = Mortimer Beckett and the Secrets of Spooky Manor

"477ddef69c1f5f948c934c84eb573b5e" = Gold Rush - Treasure Hunt

"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)

"510005627" = Macabre Mysteries - Curse of the Nightingale

"54b97cd87dc11fb7a021ff00eb405c94" = Big City Adventure - San Francisco

"85f3d7b141ab87ca6b3046789c286c75" = Mysteryville

"868b646b464ed3353ca94b579eee1a61" = Jewel Match 2

"ABAEnglish" = ABAEnglish 2.0

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Advanced SystemCare 4_is1" = Advanced SystemCare 4

"Alamandi" = Alamandi

"Amazing Adventures The Caribbean Secret" = Amazing Adventures The Caribbean Secret

"Ancient Secrets" = Ancient Secrets (entfernen)

"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"b3a4763adf0308bdc9d700912dd19bad" = The Treasures of Mystery Island

"BabylonToolbar" = Babylon toolbar on IE

"Bejeweled 3" = Bejeweled 3

"Bejeweled Twist 1.0.3.8137" = Bejeweled Twist 1.0.3.8137

"bf28585d035ebda81d8dad6bba4b578b" = Voodoo Whisperer - Curse of a Legend

"BFGC" = Big Fish Games: Game Manager

"Cave Quest" = Cave Quest

"Cradle of Rome_is1" = Cradle of Rome

"d1add0d29cc2e71c1ce9672c8016211f" = Little Shop of Treasures 2

"Das mysteriöse Drachenrad" = Das mysteriöse Drachenrad

"Das Vermächtnis der Insel 2" = Das Vermächtnis der Insel 2

"Der Exorzist II" = Der Exorzist II

"DFX for Windows Media Player" = DFX for Windows Media Player

"Diamantenfee 2" = Diamantenfee 2

"Diamond Drop 2" = Diamond Drop 2

"Die 4 Elemente II" = Die 4 Elemente II

"Die Matroschka-Morde" = Die Matroschka-Morde

"Die Wiege Ägyptens" = Die Wiege Ägyptens

"Die Wiege Olympias 3" = Die Wiege Olympias 3

"DivX Setup" = DivX-Setup

"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER

"e57b471cf4eded51f540b1940d35d50d" = Mortimer Beckett and the Time Paradox

"ea8d1486bb53de1d7add0a3a48600ba8" = Romance of Rome

"Elantech" = ETDWare PS/2-x86 7.0.5.3 WHQL

"Elementals: Der Magische Schlüssel" = Elementals: Der Magische Schlüssel (entfernen)

"EPSON Scanner" = EPSON Scan

"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch

"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall

"Firefox 3.5 GMX Edition" = Firefox 3.5 GMX Edition

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908

"GamesBar" = GamesBar 2.0.1.109

"Geheime Fälle: Die gestohlene Venus" = Geheime Fälle: Die gestohlene Venus (entfernen)

"Geheime Fälle: Vermisst in Rom - Spezialversion" = Geheime Fälle: Vermisst in Rom - Spezialversion

"Geheimnis von Montezuma 3" = Geheimnis von Montezuma 3

"Ghost Town Mysteries" = Ghost Town Mysteries

"Google Chrome" = Google Chrome

"Hide and Secret 4: Die verlorene Welt" = Hide and Secret 4: Die verlorene Welt

"HP Imaging Device Functions" = HP Imaging Device Functions 14.0

"HP Smart Web Printing" = HP Smart Web Printing 4.60

"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0

"HPExtendedCapabilities" = HP Customer Participation Program 14.0

"iMesh 1 MediaBar" = MediaBar

"incredibar" = Incredibar Toolbar  on IE and Chrome

"InstallShield_{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InternetExplorer-GMX-Addon" = InternetExplorer-GMX-Addon

"jetztspielenob.de Toolbar" = jetztspielenob.de Toolbar

"Jewel Quest II_is1" = Jewel Quest II

"Karthago 3" = Karthago 3

"Kfz-Kosten senken_is1" = Kfz-Kosten senken 1.1.8

"Kinder des Mondes" = Kinder des Mondes

"Laura Jones" = Laura Jones

"LogMeIn Hamachi" = LogMeIn Hamachi

"Magic Encyclopedia 2: Mondschein" = Magic Encyclopedia 2: Mondschein (entfernen)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000

"Meine kleine Farm: Das antike Rom" = Meine kleine Farm: Das antike Rom

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Midnight Mysteries" = Midnight Mysteries

"Midnight Mysteries: Teufel auf dem Mississippi Sammleredition" = Midnight Mysteries: Teufel auf dem Mississippi Sammleredition

"Millionaire Manor: Die Wimmelbildshow" = Millionaire Manor: Die Wimmelbildshow

"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)

"MyPlayCity Toolbar" = MyPlayCity Toolbar

"Mystery of Unicorn Castle_is1" = Mystery of Unicorn Castle

"Mystery P.I. - The Curious Case of Counterfeit Cove" = Mystery P.I. - The Curious Case of Counterfeit Cove

"Nightfall Mysteries - Die Ashburg Verschwörung_is1" = Nightfall Mysteries - Die Ashburg Verschwörung

"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019

"Nokia Ovi Suite" = Nokia Ovi Suite

"NSS" = Norton Security Scan

"ORTMANN Media-Verlag Cross Stitch Designer 4.0" = ORTMANN Cross Stitch Designer 4.0

"Phantasmat" = Phantasmat

"PROHYBRIDR" = 2007 Microsoft Office system

"Red Crow Mysteries: Legion" = Red Crow Mysteries: Legion

"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0

"Rune Of Fate_is1" = Rune Of Fate

"Sacra Terra: Nacht der Engel" = Sacra Terra: Nacht der Engel

"Samantha Swift 4" = Samantha Swift 4

"Samantha Swift and the Hidden Roses of Athena" = Samantha Swift and the Hidden Roses of Athena

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"Sarah’s Ranch" = Sarah’s Ranch

"Schätze der geheimnisvollen Insel: Das Geisterschiff" = Schätze der geheimnisvollen Insel: Das Geisterschiff

"screensaver_wnw_v2_400_euro_fi_is1" = screensaver_wnw_v2_400_euro_fi

"Sherlock Holmes und der Hund der Baskervilles" = Sherlock Holmes und der Hund der Baskervilles

"Shop for HP Supplies" = Shop for HP Supplies

"Snark Busters: Willkommen im Club" = Snark Busters: Willkommen im Club

"Spiegelwelten" = Spiegelwelten

"Sprill & Ritchie: Abenteuerliche Zeitreisen" = Sprill & Ritchie: Abenteuerliche Zeitreisen (entfernen)

"Steam App 38190" = Romance of Rome

"Steam App 91820" = Cloning Clyde Demo

"Tatort Museum" = Tatort Museum

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"The Clumsys 2 - Butterfly Effect" = The Clumsys 2 - Butterfly Effect (entfernen)

"The Fool" = The Fool

"The Island: Castaway" = The Island: Castaway

"The Lost Kingdom Prophecy" = The Lost Kingdom Prophecy (entfernen)

"The Wizard's Pen 1.01" = The Wizard's Pen 1.01

"Um die Welt in 80 Tagen_is1" = Um die Welt in 80 Tagen 1.0

"Uninstall_is1" = Uninstall 1.0.0.1

"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam

"USB Mass Storage Filter Driver" = Multimedia Card Reader

"Vacation Quest - Australia" = Vacation Quest - Australia

"VLC media player" = VLC media player 1.0.5

"WildTangent wildgames Master Uninstall" = WildTangent-Spiele

"WinLiveSuite" = Windows Live Essentials

"World Mosaics 4" = World Mosaics 4

"WTA-30a74d62-0d10-4278-8fa1-af57463c6487" = Isla Dorada - Episode 1: The Sands of Ephranis

"Xvid_is1" = Xvid 1.2.2 final uninstall

"Zylom Games Player Plugin" = Zylom Games Player Plugin

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"DragonStone Deluxe" = DragonStone Deluxe

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 21.12.2010 13:42:49 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 21.12.2010 15:35:20 | Computer Name = ProMarkt-PC | Source = Application Hang | ID = 1002

Description = Programm GPlayer.exe, Version 1.2010.6.23 arbeitet nicht mehr mit 

Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet 

"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über

 das Problem zu suchen.  Prozess-ID: 1338  Anfangszeit: 01cba142df5a63dc  Zeitpunkt der

 Beendigung: 9

 

Error - 21.12.2010 19:33:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 22.12.2010 07:48:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 22.12.2010 09:00:54 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 22.12.2010 15:14:06 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 02:28:46 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 05:54:00 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 11:09:43 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 13:39:50 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

[ System Events ]

Error - 20.02.2012 10:45:08 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7011

Description = 

 

Error - 20.02.2012 10:46:32 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7022

Description = 

 

Error - 20.02.2012 10:49:18 | Computer Name = ProMarkt-PC | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am 20.02.2012 um 15:47:14 unerwartet heruntergefahren.

 

Error - 20.02.2012 10:49:41 | Computer Name = ProMarkt-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000

Description = 

 

Error - 20.02.2012 10:49:53 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 20.02.2012 10:50:03 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 20.02.2012 10:50:07 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7026

Description = 

 

Error - 20.02.2012 10:51:08 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

 

< End of report >

--- --- ---

und X-trasOTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 20.02.2012 16:16:46 - Run 1

OTL by OldTimer - Version 3.2.33.1     Folder = C:\Users\ProMarkt\Downloads

Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 77,95% Memory free

6,20 Gb Paging File | 5,76 Gb Available in Paging File | 92,90% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 149,04 Gb Total Space | 5,56 Gb Free Space | 3,73% Space Free | Partition Type: NTFS

Drive D: | 137,33 Gb Total Space | 40,34 Gb Free Space | 29,38% Space Free | Partition Type: NTFS

 

Computer Name: PROMARKT-PC | User Name: ProMarkt | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)

Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"VistaSp2" = Reg Error: Unknown registry data type -- File not found

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02DAB8F7-2498-4CC1-91F3-AFD2B2E4782F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{20A5C5DA-EB9E-479F-BF64-24FDAC295AF6}" = rport=138 | protocol=17 | dir=out | app=system | 

"{23D379B7-EEF2-4632-BA1F-3D1A60338CE6}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{2B0E0A74-A19F-4944-A4B1-33A7DAE6C1AB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{31D0DCB8-819E-4073-8E4B-37F5D3D121CE}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{34790652-788B-4285-A1FE-C849A4C4EBF8}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{5CF9C06D-C484-4A3D-9BB0-B376443979FB}" = lport=139 | protocol=6 | dir=in | app=system | 

"{65283B25-86FA-48C2-BAFC-BA081087F8DA}" = rport=137 | protocol=17 | dir=out | app=system | 

"{6AB1A956-D6A2-4E59-97E9-9FA914FE6DC4}" = lport=445 | protocol=6 | dir=in | app=system | 

"{6D8130F7-AABA-408C-979E-EA403FAF8E3B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{6E4897E4-0389-4C68-8C44-EBE0AE05FDA0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{7A3E05D2-FFE0-4A1C-A5C7-C7110171220B}" = rport=445 | protocol=6 | dir=out | app=system | 

"{7C7BEA30-2D39-4D11-895A-52EC00306236}" = lport=137 | protocol=17 | dir=in | app=system | 

"{8CC79FA7-1E5E-4839-8781-61B34DA6C635}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{8FA544CD-BE52-455B-9352-A7782BD4DC1C}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{9BE45BE5-4840-4C5D-9A9B-1DFFBF40500C}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 

"{B6711F87-19DF-4C0E-9E51-43219754C3D7}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{BB55D5AC-A1E0-4EA4-947E-CD0CDFD51E39}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 

"{BCB9C679-75D9-4FBE-954A-3842018D3D64}" = rport=139 | protocol=6 | dir=out | app=system | 

"{C81C1B58-F72D-4BFC-80F9-CECE270F4FDB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{D3CF8E4C-47CD-4E4C-B6A3-E4BB3AF71A01}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 

"{D640AA19-70B8-4EA8-93D5-F1BAC175516D}" = lport=138 | protocol=17 | dir=in | app=system | 

"{D90FB387-61C7-4FAD-8246-B1E0135033F0}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{E64AB04F-3747-48C6-AC3C-8CF59BC11C53}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{F9138026-2C89-49EE-A214-D2A1E4A817BF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{022EF97B-5F85-4C19-8EE5-B8EFB9D4B1DA}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 

"{02C1B8B9-221B-46AB-9B5C-540D708B178F}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe | 

"{0370BD5E-B0AF-4F78-A4D6-9214A21CB6CE}" = protocol=6 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe | 

"{04268B23-C847-4E72-A157-60103B8D4F02}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{08B88178-DB22-48AE-87C8-D559A4F7BF07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{095F2DA3-80F9-4537-B8C3-ED6A21894140}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{10639845-8177-49F3-996B-6E3B8D41B4F8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{16B95E55-E9FC-44C1-A21F-0F618C88CDE5}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{19495C47-BE96-4A13-92F9-D5364AF0DCF1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{1CEA12EF-C4E9-4A55-B352-93DA9618CB99}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 

"{1E3A6BEA-978F-4722-9561-F0668E465991}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{1EF501BA-6AAA-415F-BED4-5E2CAB1C46F7}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{21156917-730D-47EA-A749-7D5670503EDA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{23A27F83-0D31-4534-9A76-E87E8D252482}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 

"{2583223A-0718-480C-9E6F-8D4FCA1D5005}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{2B73ED2E-ABE3-42FE-9BFC-25A1896DF625}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe | 

"{325C9D50-9BB1-43D6-B6B2-E6438185F96B}" = dir=in | app=e:\setup\hpznui01.exe | 

"{34F1C6AA-65F8-4CFE-8365-6E77236090D8}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe | 

"{3A248AC8-8B60-4552-86F4-E936EF4C4B96}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{3EC7A865-5CD5-4465-ABD2-9E0EF0B0B934}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 

"{40F2DAA3-93F6-4604-9C54-80AA7493862D}" = protocol=17 | dir=in | app=c:\users\promarkt\appdata\local\microsoft\windows\temporary internet files\content.ie5\0mcjylm3\sweetimsetup[1].exe | 

"{44A20107-13FD-4874-89C3-5EE178434513}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{4CA4991C-6B3A-44C2-B620-C39E82B5DBAF}" = protocol=17 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (5).exe | 

"{555A893E-FDF2-4317-BFA8-665946763BC8}" = protocol=6 | dir=out | app=system | 

"{5816B92A-2E89-48BC-841B-7EB6F4DB4C4F}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{5C9D91D1-40A0-4A68-8473-43B4E4F1B637}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 

"{5CEEDEF3-F127-4D34-B08C-FE9852021697}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 

"{5D4B36F6-D572-48FD-B032-48137B4FE23A}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe | 

"{63962F54-74EB-4384-BD28-ACCDD6255C5E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{63F7DC3E-C7B6-4576-ACBF-5D5ABBDB6F7E}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 

"{69F0AFA1-010C-41A4-B5B8-DF7D48116C0D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 

"{6F25D84B-F0D6-47C9-8246-4F161594CA77}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{705E6D35-48FF-4252-BB42-80C6FC0111F7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{73BD1927-8439-49A7-B345-997ED83A1122}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 

"{74D33E81-4C09-491F-9876-08B0BA200C7E}" = dir=in | app=c:\program files\itunes\itunes.exe | 

"{78A582DB-FFF5-487A-A48B-9B919EB84705}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\romance of rome\romance of rome.exe | 

"{795E5D3E-56A1-469A-9B3A-89E52817D535}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{7B4BD0CA-50CA-44B4-93A6-C5B64496DCFB}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{8025C76D-E90A-453A-AF22-73E1D18561D5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{82C655CC-30DD-4C39-8AF3-6E56F03469B7}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{83EFE8DA-8C7B-44D0-ADAD-B6F8DEAD5DA2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{847E1B7F-36A7-4D38-875C-F427A36A705F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 

"{869B4F14-AB44-429B-BD01-99EF89DB640F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{89CDE994-D4F8-4CF9-9EF2-AAF163CF8248}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{8D2A95AF-3D82-4211-8973-65616543EEDD}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{8F16B1E7-AE4D-4C9C-BAAC-9E51A793C3C3}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{9CC2F7D1-6037-4615-90D1-5C912A338863}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 

"{A3008DBD-41C8-41A2-9C7F-2329F3B95DA3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{A517C3DA-65EA-48A9-A9E8-2DE69B9D0D86}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 

"{ADC028AF-7DFC-4B66-B79B-7D8E0EE325E1}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{BAD62B64-FC49-48C5-BDD9-524EB6B6B59B}" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe | 

"{BB0C0896-E775-4FB8-9064-590E5320A637}" = dir=in | app=c:\program files\skype\phone\skype.exe | 

"{BC51C0DA-2477-48AA-8FC8-81124A1E4F1E}" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{BC853D97-08B9-4586-9C43-DFA3C33392F6}" = dir=in | app=c:\program files\windows live\mesh\moe.exe | 

"{C0541715-F39B-49DB-B10A-1A98A97FBBA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{CD168752-FF31-49A6-9642-43CFF3604F8A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 

"{CE59635E-0C5C-465B-8B6B-E210C46F4027}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 

"{D4043BB7-E6E8-4353-8ECF-C681E9414180}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 

"{D48400D1-A452-447E-8C56-51C39CBB38B3}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\cloning clyde demo\cloningclyde.exe | 

"{D6C20B96-A7E5-4D41-BB65-8BDDBA63895E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{DE434559-6B73-4579-9337-7D96FACAC8B9}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 

"{E8CFAEEE-E28F-4ED4-9C9A-690429F35CE3}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{EA2AB6F6-D385-4F1F-A5BA-DAB4210751C0}" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"{ECC0E031-7E87-45F5-A5F8-9ECF26EA4B73}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe | 

"{F12BF12D-1359-4BA5-A4AE-21B0F639DEDE}" = protocol=6 | dir=in | app=c:\users\promarkt\downloads\sweetimsetup (1).exe | 

"{F217BB12-3012-4973-A266-6F3936724FE1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{F2C6065F-CB6F-42F9-873D-139BB74FC505}" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\common\fluttabyes trailer\smp.exe | 

"{F31BA15B-E47E-4CD2-9138-26F49E183C79}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{F7C7DF0C-DE83-49CC-AAD3-364482A75374}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 

"{F808A2E2-9E57-4128-8C93-A01AABADABFE}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 

"TCP Query User{2E10178D-5EBA-44C9-AD5A-9366393EA43A}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"TCP Query User{4A38F161-D678-4318-BBCE-1ECF809BD066}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"TCP Query User{5057036A-FCAD-4108-9FE6-44CBEDBBEAD2}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 

"TCP Query User{54D41A2D-05BC-4B30-A956-B9D5DA55AA07}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 

"TCP Query User{5F63B3AC-2FAA-4ABC-BA71-A76DA10A5444}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"TCP Query User{8DA1BF8B-1D86-4ADD-9EC8-B32D2DDEF3F8}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe | 

"TCP Query User{9E205BE3-1A54-49B9-B6D9-3D77E290D760}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=6 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe | 

"TCP Query User{A320ABF8-3945-4CAA-AAEF-FF9662B592D1}C:\games\world_of_tanks\worldoftanks.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | 

"TCP Query User{A81A1FE5-96A9-45EB-A04E-03C85F850FE6}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"TCP Query User{E10C278F-2A1E-4308-BC93-CC1B14B00985}C:\program files\opera\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera\opera.exe | 

"TCP Query User{F1024B5E-3CBA-497C-9CF3-EE33B439444A}C:\games\world_of_tanks\wotlauncher.exe" = protocol=6 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 

"UDP Query User{0F06F252-F68A-4F17-A3E4-61A8278AA0E5}C:\program files\opera\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera\opera.exe | 

"UDP Query User{37345880-D1F4-43AA-9E27-8429ADBD73AD}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe | 

"UDP Query User{3ADBB293-033D-449E-86C0-D9CC14C5FDCB}C:\games\world_of_tanks\wotlauncher.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\wotlauncher.exe | 

"UDP Query User{3ADEAE7F-A8A2-41A6-89A1-8C21121BD4A0}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 

"UDP Query User{3B471DAC-9DD3-4D5C-B611-13564A2F036B}C:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe" = protocol=17 | dir=in | app=c:\users\promarkt\desktop\fogdownloader-rom_2_1_6_2049.exe | 

"UDP Query User{4D906713-D34E-4859-B938-1018C6D57D79}C:\users\promarkt\musik\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\users\promarkt\musik\imesh applications\imesh\imesh.exe | 

"UDP Query User{57D31400-75FF-4746-B9FC-AE5B1DE16940}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 

"UDP Query User{61B3C153-5CEB-47CD-B21F-0620EBAF41E1}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 

"UDP Query User{CBC23B42-9538-4058-98B7-BAC9DF8FEBB2}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 

"UDP Query User{CF929AE1-7C52-433F-950A-B13A59CB63F2}C:\games\world_of_tanks\worldoftanks.exe" = protocol=17 | dir=in | app=c:\games\world_of_tanks\worldoftanks.exe | 

"UDP Query User{EB111ED2-1147-4942-89A4-AA73C6B55896}C:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=c:\program files\steam\steamapps\gerhardolli\half-life 2 deathmatch\hl2.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources

"{0360D8F0-626A-4E87-8A16-938BD0BEBCC5}" = 32 Bit HP CIO Components Installer

"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu

"{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver

"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan

"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology

"{097CDB1E-07C9-40F1-9972-F0F9F3A287E4}" = Network

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos

"{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5}_is1" = SiteRanker

"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery

"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant

"{17B3A135-BAA4-1953-AEDF-1496A5159E2A}" = CCC Help French

"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.1

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{206262A9-1646-7014-22A0-41945D93426C}" = CCC Help Dutch

"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform

"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3

"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service

"{2677066A-6ACC-8B1B-82C0-7311ED12D73A}" = CCC Help Turkish

"{26A24AE4-039D-4CA4-87B4-2F83216016F0}" = Java(TM) 6 Update 16

"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 26

"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22

"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program

"{29164718-5C73-D67E-8A3F-A00220D98818}" = CCC Help Portuguese

"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}" = Free Ride Games Player

"{2DA0C980-2ACE-3F81-0306-131F70BD751B}" = Catalyst Control Center Core Implementation

"{2E1AC6B8-F779-F3D3-3683-E0240D576917}" = CCC Help Italian

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{30FDAACF-C49B-5AE6-2AA9-2C050F929B37}" = CCC Help Hungarian

"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{3460BCDC-B45D-84A7-C8ED-C5041B8E2A2B}" = CCC Help English

"{35ED8B97-897C-4BD1-AEAE-6FD3404BA082}" = Ovi Desktop Sync Engine

"{3762698E-E9DF-4DD8-99F1-8192D0F8EE06}" = Nokia_Multimedia_Common_Components_2_5

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{3839C2FF-2CD0-4601-91A8-B1E40A9BE8A8}" = Driver Detective

"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources

"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F4BA3A2-7BE0-48EA-B4BC-CA4D842A409A}" = Cisco EAP-FAST Module

"{402BFE8F-E223-4215-BCCE-7634FB202909}" = Journey of Hope

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{44580BA8-245A-814D-BD25-7EA6FACD5DDC}" = CCC Help Russian

"{47C7E3C7-1E38-85DB-887D-F9FF84F2086A}" = CCC Help Chinese Standard

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A11948E-8521-43B8-BBBD-5C24B804F0A3}" = Samsung PC Studio 3

"{4B6B024F-F6D4-4A7B-8ADA-F9F8370320CC}" = SRS Premium Sound

"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform

"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works

"{5482DCBE-D2D1-47B0-A621-DF8E2B0D174C}" = Windows Live Family Safety

"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio

"{566F3EB2-C09A-F090-F573-169C42E7E381}" = Catalyst Control Center Graphics Full Existing

"{567C654B-7FE9-4970-8323-56E8191D1941}" = ASUS FancyStart

"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync

"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7

"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status

"{5C97698A-FAB5-41DB-ADB0-5FCB2BC84588}" = InternetExplorer-GMX-Addon

"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI

"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM

"{62CA4D04-7DC8-7ED6-7AE4-833A79AE2DF9}" = Catalyst Control Center Graphics Full New

"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon

"{655E04FB-E875-4668-D05A-A3CED767DFF8}" = CCC Help Korean

"{656C519D-C82C-F7E0-93CE-087D5CA75AEA}" = ccc-core-static

"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes

"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin

"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect

"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2

"{6F6A5334-78E9-4D9B-8182-8B41EA8C39EF}_is1" = AppGraffiti

"{7099D2EB-872E-5163-3F00-A893AC905042}" = CCC Help Japanese

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames" = WildTangent Games App

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{72E84495-D53C-07FB-76D0-4DD11E710882}" = Catalyst Control Center Localization All

"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core

"{7B15D70E-9449-4CFB-B9BC-798465B2BD5C}" = Norton Internet Security

"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey

"{806C9880-B087-B336-A86A-5E7E4DB95C39}" = CCC Help Norwegian

"{81601299-AD02-403C-9A47-93C509FE2EC2}" = Catalyst Control Center - Branding

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113219527}" = Gemsweeper

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119633810}" = Club Der Ermittlerinnen - 4 Kleine dunkle Lügen

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119974283}" = Jar of Marbles

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-119988867}" = Fear for Sale - Mystery of McInroy Manor

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005202}" = Magical Mysteries

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005245}" = Jewel Match 3

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005390}" = The Agency of Anomalies

"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-510005401}" = Dream Woods 2

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert

"{847378DE-A6F2-4D63-ADA5-FE90496222D5}" = O&O CleverCache

"{85916CB0-4F79-4672-9E74-2F08B8A7157F}" = Das Seelenschiff

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg

"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash

"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting

"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007

"{90120000-0015-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007

"{90120000-0015-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007

"{90120000-0015-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007

"{90120000-0015-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007

"{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007

"{90120000-0016-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007

"{90120000-0016-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007

"{90120000-0016-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007

"{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007

"{90120000-0018-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007

"{90120000-0018-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007

"{90120000-0018-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007

"{90120000-0019-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007

"{90120000-0019-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007

"{90120000-0019-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007

"{90120000-0019-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007

"{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007

"{90120000-001A-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007

"{90120000-001A-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007

"{90120000-001A-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007

"{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007

"{90120000-001B-040C-0000-0000000FF1CE}_PROHYBRIDR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007

"{90120000-001B-0410-0000-0000000FF1CE}_PROHYBRIDR_{71CCE0F1-A3B4-49C9-A328-1DABE845E0C4}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007

"{90120000-001B-0413-0000-0000000FF1CE}_PROHYBRIDR_{DC387AA5-94A6-4920-B004-D59846526D81}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007

"{90120000-001F-0401-0000-0000000FF1CE}_PROHYBRIDR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007

"{90120000-001F-0407-0000-0000000FF1CE}_PROHYBRIDR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007

"{90120000-001F-0410-0000-0000000FF1CE}_PROHYBRIDR_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007

"{90120000-001F-0413-0000-0000000FF1CE}_PROHYBRIDR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)

"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007

"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007

"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007

"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007

"{90120000-006E-0407-0000-0000000FF1CE}_PROHYBRIDR_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007

"{90120000-006E-040C-0000-0000000FF1CE}_PROHYBRIDR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007

"{90120000-006E-0410-0000-0000000FF1CE}_PROHYBRIDR_{0A75DA12-55CB-4DE5-8B6A-74D97847204E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007

"{90120000-006E-0413-0000-0000000FF1CE}_PROHYBRIDR_{89C8E56A-90D8-4598-B0E6-EB28F6270E07}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter

"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)

"{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)

"{927AA2A2-7631-4EA2-A1F9-252D27B9D0A2}" = Nokia Ovi Suite

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195

"{934B3B19-8193-467A-B356-E73F82647D38}" = Cisco LEAP Module

"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting

"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector

"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110

"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter

"{A460F932-27CF-76F6-A291-8C4F7337EFE9}" = CCC Help Spanish

"{A48A1D1C-307A-46F9-983E-9762863D15F1}" = GMX Toolbar MSVC100 CRT x86

"{A528306A-C5EC-481C-A619-6106334E6800}" = Nokia Ovi Player

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB429542-1E9D-7479-7ED4-B6D0B5C237E7}" = CCC Help Czech

"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply

"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.6 - Deutsch

"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86

"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B32ECB8E-4532-FD59-02C4-CB0B8F90F68D}" = CCC Help Swedish

"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support

"{B61F7104-884B-D57D-1626-DE5AD5674B51}" = Skins

"{B7606E5A-5D01-789F-F5E1-39D78F04854C}" = Catalyst Control Center Graphics Previews Vista

"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver

"{BA63348B-143D-4CAC-A355-3879402ED781}" = Nokia Ovi Suite Software Updater

"{BAD1449B-DF0C-4118-B76D-68C54009576C}" = Cisco PEAP Module

"{BB1E1B48-6136-1887-7307-2D9414009516}" = CCC Help Thai

"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2

"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter

"{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}" = Windows Live Family Safety

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{BFDAC740-3ACD-50A5-6259-F14FA93C86A5}" = ccc-utility

"{C0AE3E60-6003-AF6F-BF8A-B2829480D39D}" = CCC Help Greek

"{C1DFFC18-D91D-0481-0003-5B968F09AFDF}" = CCC Help Chinese Traditional

"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio 3

"{C4B045DB-C2C0-4A05-8DA5-754B4733EE31}" = Nokia Ovi One Touch Access

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant

"{C92877A9-9294-334C-0AEB-A1CCA8905FC6}" = CCC Help Finnish

"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime

"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget

"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp

"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack

"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour

"{D179B513-AD43-4013-AC50-C16107A0A02D}" = LogMeIn Hamachi

"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media

"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch

"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D463B523-2F2F-A82D-B980-01C9AD578580}" = CCC Help Danish

"{D7385800-AE69-7527-1615-7DFDC02DF55A}" = Catalyst Control Center Graphics Light

"{D8DDC00B-2881-407D-AAC2-44AEE70AF0B7}" = Nokia Software Updater

"{DA41F9E9-B878-467F-95E7-27E4D1943533}" = Multimedia Card Reader

"{DB7752E0-D5F8-93DA-7C34-3CD8ECB123B5}" = CCC Help Polish

"{DBE1E170-3EF6-AAA5-32C4-A78D98DF86A1}" = ATI Catalyst Install Manager

"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update

"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEDB47A3-C988-4A43-A645-E2CEA571E680}" = Epson Easy Photo Print 2

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218

"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer

"{E59AA04C-67BC-C6F8-E8B9-A9E103E3F49B}" = CCC Help German

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0

"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update

"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer

"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}" = Die Sims - Complete Collection

"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm

"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager

"{FC3D5BBB-CDF6-252C-2212-06D61AD2C628}" = Catalyst Control Center InstallProxy

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"04d1a5ee752ea0bba32187facb004bdc" = The Magician's Handbook - Cursed Valley

"0f39ccaa11c9cd1f89baf152791761e4" = G.H.O.S.T. Hunters

"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = GMX Softwareaktualisierung

"1&1 Mail & Media GmbH Toolbar FF" = GMX Toolbar für Mozilla Firefox

"1&1 Mail & Media GmbH Toolbar IE8" = GMX Toolbar für Internet Explorer

"14d282e311142e19fed42f537b66812d" = Golden Trails - The New Western Rush

"20 days to find Amy_is1" = 20 days to find Amy

"3579ddfd54c5f785ab5b7ad236e820d2" = Golden Trails 2 - The Lost Legacy

"37e10e4eaf44e0b4f634b76a940b6c2d" = A Gypsy's Tale - The Tower of Secrets

"3d6591571f4d1f2816b51fa639cc3064" = Adventure Chronicles

"3d6a0fd7d50d9d5415e8469c14994675" = Campfire Legends - The Last Act Premium Edition

"422f8c51dc38c8f457f34177464aa4cd" = Mortimer Beckett and the Secrets of Spooky Manor

"477ddef69c1f5f948c934c84eb573b5e" = Gold Rush - Treasure Hunt

"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)

"510005627" = Macabre Mysteries - Curse of the Nightingale

"54b97cd87dc11fb7a021ff00eb405c94" = Big City Adventure - San Francisco

"85f3d7b141ab87ca6b3046789c286c75" = Mysteryville

"868b646b464ed3353ca94b579eee1a61" = Jewel Match 2

"ABAEnglish" = ABAEnglish 2.0

"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Shockwave Player" = Adobe Shockwave Player 11.6

"Advanced SystemCare 4_is1" = Advanced SystemCare 4

"Alamandi" = Alamandi

"Amazing Adventures The Caribbean Secret" = Amazing Adventures The Caribbean Secret

"Ancient Secrets" = Ancient Secrets (entfernen)

"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"b3a4763adf0308bdc9d700912dd19bad" = The Treasures of Mystery Island

"BabylonToolbar" = Babylon toolbar on IE

"Bejeweled 3" = Bejeweled 3

"Bejeweled Twist 1.0.3.8137" = Bejeweled Twist 1.0.3.8137

"bf28585d035ebda81d8dad6bba4b578b" = Voodoo Whisperer - Curse of a Legend

"BFGC" = Big Fish Games: Game Manager

"Cave Quest" = Cave Quest

"Cradle of Rome_is1" = Cradle of Rome

"d1add0d29cc2e71c1ce9672c8016211f" = Little Shop of Treasures 2

"Das mysteriöse Drachenrad" = Das mysteriöse Drachenrad

"Das Vermächtnis der Insel 2" = Das Vermächtnis der Insel 2

"Der Exorzist II" = Der Exorzist II

"DFX for Windows Media Player" = DFX for Windows Media Player

"Diamantenfee 2" = Diamantenfee 2

"Diamond Drop 2" = Diamond Drop 2

"Die 4 Elemente II" = Die 4 Elemente II

"Die Matroschka-Morde" = Die Matroschka-Morde

"Die Wiege Ägyptens" = Die Wiege Ägyptens

"Die Wiege Olympias 3" = Die Wiege Olympias 3

"DivX Setup" = DivX-Setup

"DSGPlayer" = DEUTSCHLAND SPIELT GAME CENTER

"e57b471cf4eded51f540b1940d35d50d" = Mortimer Beckett and the Time Paradox

"ea8d1486bb53de1d7add0a3a48600ba8" = Romance of Rome

"Elantech" = ETDWare PS/2-x86 7.0.5.3 WHQL

"Elementals: Der Magische Schlüssel" = Elementals: Der Magische Schlüssel (entfernen)

"EPSON Scanner" = EPSON Scan

"EPSON Stylus SX100_TX100 Benutzerhandbuch" = EPSON Stylus SX100_TX100 Handbuch

"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall

"Firefox 3.5 GMX Edition" = Firefox 3.5 GMX Edition

"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.9.908

"GamesBar" = GamesBar 2.0.1.109

"Geheime Fälle: Die gestohlene Venus" = Geheime Fälle: Die gestohlene Venus (entfernen)

"Geheime Fälle: Vermisst in Rom - Spezialversion" = Geheime Fälle: Vermisst in Rom - Spezialversion

"Geheimnis von Montezuma 3" = Geheimnis von Montezuma 3

"Ghost Town Mysteries" = Ghost Town Mysteries

"Google Chrome" = Google Chrome

"Hide and Secret 4: Die verlorene Welt" = Hide and Secret 4: Die verlorene Welt

"HP Imaging Device Functions" = HP Imaging Device Functions 14.0

"HP Smart Web Printing" = HP Smart Web Printing 4.60

"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0

"HPExtendedCapabilities" = HP Customer Participation Program 14.0

"iMesh 1 MediaBar" = MediaBar

"incredibar" = Incredibar Toolbar  on IE and Chrome

"InstallShield_{055A9D81-5E0A-4088-94B3-BAC849EC3C20}" = Multimedia Keyboard & Mouse Driver

"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InternetExplorer-GMX-Addon" = InternetExplorer-GMX-Addon

"jetztspielenob.de Toolbar" = jetztspielenob.de Toolbar

"Jewel Quest II_is1" = Jewel Quest II

"Karthago 3" = Karthago 3

"Kfz-Kosten senken_is1" = Kfz-Kosten senken 1.1.8

"Kinder des Mondes" = Kinder des Mondes

"Laura Jones" = Laura Jones

"LogMeIn Hamachi" = LogMeIn Hamachi

"Magic Encyclopedia 2: Mondschein" = Magic Encyclopedia 2: Mondschein (entfernen)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000

"Meine kleine Farm: Das antike Rom" = Meine kleine Farm: Das antike Rom

"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU

"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Midnight Mysteries" = Midnight Mysteries

"Midnight Mysteries: Teufel auf dem Mississippi Sammleredition" = Midnight Mysteries: Teufel auf dem Mississippi Sammleredition

"Millionaire Manor: Die Wimmelbildshow" = Millionaire Manor: Die Wimmelbildshow

"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)

"MyPlayCity Toolbar" = MyPlayCity Toolbar

"Mystery of Unicorn Castle_is1" = Mystery of Unicorn Castle

"Mystery P.I. - The Curious Case of Counterfeit Cove" = Mystery P.I. - The Curious Case of Counterfeit Cove

"Nightfall Mysteries - Die Ashburg Verschwörung_is1" = Nightfall Mysteries - Die Ashburg Verschwörung

"Nokia Ovi One Touch Access" = Nokia Ovi One Touch Access 6.85.3019

"Nokia Ovi Suite" = Nokia Ovi Suite

"NSS" = Norton Security Scan

"ORTMANN Media-Verlag Cross Stitch Designer 4.0" = ORTMANN Cross Stitch Designer 4.0

"Phantasmat" = Phantasmat

"PROHYBRIDR" = 2007 Microsoft Office system

"Red Crow Mysteries: Legion" = Red Crow Mysteries: Legion

"Registry Mechanic_is1" = PC Tools Registry Mechanic 11.0

"Rune Of Fate_is1" = Rune Of Fate

"Sacra Terra: Nacht der Engel" = Sacra Terra: Nacht der Engel

"Samantha Swift 4" = Samantha Swift 4

"Samantha Swift and the Hidden Roses of Athena" = Samantha Swift and the Hidden Roses of Athena

"SAMSUNG Mobile Modem" = SAMSUNG Mobile Modem Driver Set

"Samsung Mobile phone USB driver" = Samsung Mobile phone USB driver Software

"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software

"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software

"Sarah’s Ranch" = Sarah’s Ranch

"Schätze der geheimnisvollen Insel: Das Geisterschiff" = Schätze der geheimnisvollen Insel: Das Geisterschiff

"screensaver_wnw_v2_400_euro_fi_is1" = screensaver_wnw_v2_400_euro_fi

"Sherlock Holmes und der Hund der Baskervilles" = Sherlock Holmes und der Hund der Baskervilles

"Shop for HP Supplies" = Shop for HP Supplies

"Snark Busters: Willkommen im Club" = Snark Busters: Willkommen im Club

"Spiegelwelten" = Spiegelwelten

"Sprill & Ritchie: Abenteuerliche Zeitreisen" = Sprill & Ritchie: Abenteuerliche Zeitreisen (entfernen)

"Steam App 38190" = Romance of Rome

"Steam App 91820" = Cloning Clyde Demo

"Tatort Museum" = Tatort Museum

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"The Clumsys 2 - Butterfly Effect" = The Clumsys 2 - Butterfly Effect (entfernen)

"The Fool" = The Fool

"The Island: Castaway" = The Island: Castaway

"The Lost Kingdom Prophecy" = The Lost Kingdom Prophecy (entfernen)

"The Wizard's Pen 1.01" = The Wizard's Pen 1.01

"Um die Welt in 80 Tagen_is1" = Um die Welt in 80 Tagen 1.0

"Uninstall_is1" = Uninstall 1.0.0.1

"USB 2.0 1.3M UVC WebCam" = USB 2.0 1.3M UVC WebCam

"USB Mass Storage Filter Driver" = Multimedia Card Reader

"Vacation Quest - Australia" = Vacation Quest - Australia

"VLC media player" = VLC media player 1.0.5

"WildTangent wildgames Master Uninstall" = WildTangent-Spiele

"WinLiveSuite" = Windows Live Essentials

"World Mosaics 4" = World Mosaics 4

"WTA-30a74d62-0d10-4278-8fa1-af57463c6487" = Isla Dorada - Episode 1: The Sands of Ephranis

"Xvid_is1" = Xvid 1.2.2 final uninstall

"Zylom Games Player Plugin" = Zylom Games Player Plugin

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"DragonStone Deluxe" = DragonStone Deluxe

 
 ========== Last 10 Event Log Errors ==========

 

[ Application Events ]

Error - 21.12.2010 13:42:49 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 21.12.2010 15:35:20 | Computer Name = ProMarkt-PC | Source = Application Hang | ID = 1002

Description = Programm GPlayer.exe, Version 1.2010.6.23 arbeitet nicht mehr mit 

Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet 

"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über

 das Problem zu suchen.  Prozess-ID: 1338  Anfangszeit: 01cba142df5a63dc  Zeitpunkt der

 Beendigung: 9

 

Error - 21.12.2010 19:33:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 22.12.2010 07:48:29 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 22.12.2010 09:00:54 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 22.12.2010 15:14:06 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 02:28:46 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 05:54:00 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 11:09:43 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 23.12.2010 13:39:50 | Computer Name = ProMarkt-PC | Source = WinMgmt | ID = 10

Description = 

 

[ System Events ]

Error - 20.02.2012 10:45:08 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7011

Description = 

 

Error - 20.02.2012 10:46:32 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7022

Description = 

 

Error - 20.02.2012 10:49:18 | Computer Name = ProMarkt-PC | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am 20.02.2012 um 15:47:14 unerwartet heruntergefahren.

 

Error - 20.02.2012 10:49:41 | Computer Name = ProMarkt-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000

Description = 

 

Error - 20.02.2012 10:49:53 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 20.02.2012 10:50:03 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 20.02.2012 10:50:07 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7001

Description = 

 

Error - 20.02.2012 10:50:46 | Computer Name = ProMarkt-PC | Source = Service Control Manager | ID = 7026

Description = 

 

Error - 20.02.2012 10:51:08 | Computer Name = ProMarkt-PC | Source = DCOM | ID = 10005

Description = 

 

 

< End of report >

--- --- ---

warum 2 mal extras, ich brauche einmal otl.txt und einmal extras.txt

sorry, ich habe das durcheinander gebracht....

c

========== Win32 Services (SafeList) ==========

SRV - [2012.02.15 05:13:49 | 000,481,064 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.02.07 13:18:28 | 001,373,576 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.10.25 13:44:42 | 000,793,048 | ---- | M] (PC Tools) [Auto | Stopped] -- C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2011.07.01 16:15:40 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.05.28 13:46:56 | 000,353,168 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2011.04.27 09:08:02 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.10.12 18:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.04.04 00:27:42 | 000,069,120 | ---- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2010.01.26 12:41:08 | 000,652,800 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2009.12.25 19:50:46 | 001,214,352 | ---- | M] (mquadr.at softwareengineering und consulting gmbh) [Auto | Stopped] -- C:\Windows\System32\ieconfig_1und1_svc.exe -- (serviceIEConfig)
SRV - [2009.12.09 12:46:48 | 000,701,768 | ---- | M] (O&O Software GmbH) [Auto | Stopped] -- C:\Program Files\OO Software\CleverCache\ooccag.exe -- (O&O CleverCache)
SRV - [2009.04.07 18:04:36 | 000,070,880 | ---- | M] (SRS Labs, Inc.) [Auto | Stopped] -- C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe -- (SRS_VolSync_Service)
SRV - [2008.08.14 04:59:52 | 000,100,920 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2008.03.31 10:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [Auto | Stopped] -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2007.08.08 08:08:40 | 000,094,208 | ---- | M] () [Auto | Stopped] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.05.31 16:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.05.08 17:00:48 | 002,179,072 | ---- | M] (UASSOFT.COM) [Auto | Stopped] -- C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\KMWDSrv.exe -- (KMWDSERVICE)

========== Driver Services (SafeList) ==========

DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.07.01 16:15:40 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.01 16:15:40 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.11.22 09:25:22 | 000,046,184 | ---- | M] (Exent Technologies Ltd.) [Kernel | Auto | Stopped] -- C:\Program Files\Free Ride Games\X6XSEx.Sys -- (X6XSEx)
DRV - [2010.01.21 14:53:16 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2009.12.30 11:30:56 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2009.12.30 11:30:48 | 000,022,016 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2009.12.30 11:30:48 | 000,007,936 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2009.12.27 09:25:06 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.09.05 13:25:36 | 001,183,744 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2009.08.22 03:26:32 | 000,030,264 | ---- | M] (ASUSTek Computer Inc) [File_System | Boot | Running] -- C:\Windows\System32\drivers\AsDsm.sys -- (AsDsm)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.04.28 04:16:09 | 001,019,392 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2009.04.11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.04.01 22:12:48 | 000,233,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SRS_PremiumSound_i386.sys -- (SRS_PremiumSound_Service)
DRV - [2009.03.19 04:06:27 | 004,386,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2009.03.19 02:33:13 | 000,093,184 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.12.24 09:39:43 | 000,014,392 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2008.11.03 08:03:27 | 000,013,880 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.08.26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.08.11 03:14:11 | 001,752,704 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2008.05.29 17:21:04 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\lullaby.sys -- (lullaby)
DRV - [2008.05.29 01:54:20 | 000,022,072 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV - [2008.05.27 21:55:53 | 000,173,576 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\ahcix86s.sys -- (ahcix86s)
DRV - [2008.04.28 14:26:41 | 000,014,352 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2008.04.07 07:00:45 | 000,006,656 | ---- | M] (Generic) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\CRFILTER.sys -- (CRFILTER)
DRV - [2007.07.24 19:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.05.02 11:11:18 | 000,109,704 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdm.sys -- (ss_mdm)
DRV - [2007.05.02 11:11:18 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_mdfl.sys -- (ss_mdfl)
DRV - [2007.05.02 11:11:16 | 000,083,592 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ss_bus.sys -- (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM)
DRV - [2006.11.02 08:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
DRV - [2006.11.02 08:30:56 | 000,044,544 | ---- | M] (Realtek Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = ASUSTeK Computer Inc.
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MyPlayCity Search
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = GMX - E-Mail, FreeMail, De-Mail, Themen- & Shopping-Portal - kostenlos
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = GMX Suche - einfach besser finden! [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = MyPlayCity Search [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = GMX Suche - einfach besser finden!
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Hotmail, Skype und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 07 E2 B5 F1 70 FE CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {22e03916-85c5-44b0-8dc9-1830c11238d9} - No CLSID value found
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\URLSearchHook: {CA3EB689-8F09-4026-AA10-B9534C691CE0} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbhelper.dll ()
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\..\URLSearchHook: {eecbb8d2-b448-4b01-a402-969e4d5847e5} - No CLSID value found
IE - HKCU\..\URLSearchHook: {f4e6547e-325b-403c-a3bb-ad29ed37a92f} - No CLSID value found
IE - HKCU\..\URLSearchHook: {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local

========== FireFox ==========

FF - prefs.js..Keyword.Enabled: "true"
FF - prefs.js..browser.search.defaultenginename: "Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.2: "WEB.DE Suche"
FF - prefs.js..browser.search.order.3: "1und1 Suche"
FF - prefs.js..browser.search.order.4: "amazon.de"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=685749"
FF - prefs.js..browser.search.selectedEngine: "MyPlayCity Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.imesh.com/"
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.3.3.2
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.60
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.0
FF - prefs.js..extensions.enabledItems: {95f24680-9e31-11da-a746-0800200c9a66}:0.1.5.5
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:4.4
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.4

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@exent.com/npExentCtl,version=7.0.0.0: C:\Program Files\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@GamingWonderland.com/Plugin: C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll File not found
FF - HKLM\Software\MozillaPlugins\@oberon-media.com/ONCAdapter: C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll (Oberon-Media )
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.03.08 19:25:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\3.bin
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.13 20:49:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\siteranker@siteranker.com: C:\Program Files\SiteRanker\firefox\ [2011.07.18 22:29:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.15 14:44:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\gtffxtbr@GamingWonderland.com: C:\Program Files\GamingWonderland\bar\1.bin [2012.02.20 15:20:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.01.21 10:12:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.21 21:20:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.03.08 19:25:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.01.13 20:49:24 | 000,000,000 | ---D | M]

[2009.12.25 19:36:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Extensions
[2012.02.20 12:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions
[2010.05.13 21:48:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.02.16 19:09:06 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2009.12.25 19:36:14 | 000,000,000 | ---D | M] (Update Notifier) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{95f24680-9e31-11da-a746-0800200c9a66}
[2012.02.10 20:42:15 | 000,000,000 | ---D | M] (MyPlayCity Toolbar) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{A9897564-CA29-4CAE-8A26-453035570837}
[2010.10.11 12:52:02 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.17 23:06:48 | 000,000,000 | ---D | M] (AppGraffiti) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\AppGraffiti@AppGraffiti.com
[2011.04.20 21:09:08 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\engine@conduit.com
[2012.02.09 16:43:40 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\ffxtlbr@babylon.com
[2012.02.18 04:21:00 | 000,000,000 | ---D | M] (Oberon GamesBar) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\gamesbar@oberon-media.com
[2012.02.13 16:35:37 | 000,000,000 | ---D | M] (GamingWonderland) -- C:\Users\ProMarkt\AppData\Roaming\mozilla\Firefox\Profiles\dpdbejhm.default\extensions\gtffxtbr@GamingWonderland.com
[2012.02.20 11:28:31 | 000,000,933 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\11-suche.xml
[2009.12.25 19:37:37 | 000,005,599 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\1und1-suche.xml
[2009.12.25 19:37:36 | 000,001,381 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\amazonde.xml
[2011.01.02 18:03:18 | 000,002,333 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\askcom.xml
[2010.05.27 21:37:46 | 000,001,819 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\bing.xml
[2010.10.23 11:30:23 | 000,000,873 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\conduit.xml
[2012.02.20 11:28:31 | 000,002,419 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\englische-ergebnisse.xml
[2009.12.25 19:37:36 | 000,010,613 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\gmx-suche.xml
[2012.02.20 11:28:31 | 000,002,457 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\lastminute.xml
[2012.01.31 07:20:08 | 000,002,013 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\myplaycity-search.xml
[2012.02.12 19:37:51 | 000,002,203 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\MyStart Search.xml
[2010.10.01 10:55:35 | 000,010,017 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\mywebsearch.xml
[2010.04.24 16:33:45 | 000,001,418 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\preisvergleich.xml
[2010.10.05 14:04:35 | 000,001,734 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\search-the-web.xml
[2010.10.29 17:02:36 | 000,003,915 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\sweetim.xml
[2009.12.25 19:37:36 | 000,005,596 | ---- | M] () -- C:\Users\ProMarkt\AppData\Roaming\Mozilla\Firefox\Profiles\dpdbejhm.default\searchplugins\webde-suche.xml
[2011.11.23 14:54:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
() (No name found) -- C:\USERS\PROMARKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPDBEJHM.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}.XPI
() (No name found) -- C:\USERS\PROMARKT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DPDBEJHM.DEFAULT\EXTENSIONS\TOOLBAR@GMX.NET.XPI
[2012.01.21 10:12:15 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 03:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.21 10:12:10 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.09 00:26:48 | 000,002,309 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.01.21 10:12:10 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.01.21 10:12:10 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.21 10:12:10 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.18 06:00:57 | 000,001,456 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\WebSearchober7058904.xml
[2012.01.21 10:12:10 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.21 10:12:10 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

========== Chrome ==========

CHR - default_search_provider: MyPlayCity Search (Enabled)
CHR - default_search_provider: search_url = hxxp://home.myplaycity.com/results.php?category=web&s={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.56\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Oberon com adapter (Enabled) = C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.8\npapicomadapter.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Exent\u00AE AOD Gecko Plugin (Enabled) = C:\Program Files\Free Ride Games\npExentCtl.dll
CHR - plugin: MindSpark Toolbar Platform Plugin Stub (Enabled) = C:\Program Files\GamingWonderland\bar\1.bin\NPgtStub.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: My Web Search Plugin Stub (Enabled) = C:\Program Files\MyWebSearch\bar\3.bin\NPMyWebS.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: GamingWonderland = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\eajkbpchnjjpgpgpmmpadhknfkfcodnh\1.12.0.21354_0\
CHR - Extension: Die FreeRide Games Bar = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\flolnhkojafikhpkpidiphabnpgedplh\2.3.3.3_0\
CHR - Extension: BILD.de aktuell = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbhljbfcnnkedjdogkhnikeaeanifkg\1.7_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\ProMarkt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} - C:\PROGRA~1\SITERA~1\SiteRank.dll (Crawler, LLC)
O2 - BHO: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (AppGraffiti) - {6F6A5334-78E9-4D9B-8182-8B41EA8C39EF} - C:\PROGRA~1\APPGRA~1\APPGRA~1.DLL (Omega Partners Ltd)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (GMX Toolbar BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O2 - BHO: (GamesBarBHO Class) - {CB0D163C-E9F4-4236-9496-0597E24B23A5} - C:\Program Files\GamesBar\2.0.1.109\oberontb.dll (Oberon Media Ltd.)
O2 - BHO: (WEB.DE Browser Configuration) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll ()
O2 - BHO: (jetztspielenob.de Toolbar) - {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
O2 - BHO: (TBSB07116 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (MediaBar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\ToolBar\imeshdtxmltbpi.dll ()
O3 - HKLM\..\Toolbar: (MyPlayCity Toolbar) - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (GamesBar) - {6F282B65-56BF-4BD1-A8B2-A4449A05863D} - C:\Program Files\GamesBar\2.0.1.109\oberontb.dll (Oberon Media Ltd.)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (GamingWonderland) - {a899079d-206f-43a6-be6a-07e0fa648ea0} - C:\Program Files\GamingWonderland\bar\1.bin\gtbar.dll File not found
O3 - HKLM\..\Toolbar: (GMX Toolbar) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files\Incredibar.com\incredibar\1.5.3.27\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (jetztspielenob.de Toolbar) - {fc01c2be-850b-4115-9b6b-9a427ddecc34} - C:\Program Files\jetztspielenob.de\tbjetz.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {22E03916-85C5-44B0-8DC9-1830C11238D9} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {30F9B915-B755-4826-820B-08FBA6BD249D} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EECBB8D2-B448-4B01-A402-969E4D5847E5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {F4E6547E-325B-403C-A3BB-AD29ED37A92F} - No CLSID value found.
O4 - HKLM..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe (ATK)
O4 - HKLM..\Run: [ADSMTray] C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [DATAMNGR] C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\DATAMN~1.EXE (iMesh, Inc)
O4 - HKLM..\Run: [DisableS3S4] c:\DisableS3S4.cmd File not found
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [KMConfig] "C:\Program Files\Multimedia Keyboard & Mouse Driver\V5\StartAutorun.exe" KMConfig.exe File not found
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NokiaMusic FastStart] C:\Program Files\Nokia\Ovi Player\NokiaOviPlayer.exe (Nokia)
O4 - HKLM..\Run: [ooccctrl.exe] C:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH)
O4 - HKLM..\Run: [SiteRanker] C:\Program Files\SiteRanker\SiteRankTray.exe (Crawler, LLC)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe (PC Tools)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Alamandi tray notifier] C:\Program Files\Intenium\Alamandi\TaskBarNotifier.exe (Intenium)
O4 - HKCU..\Run: [Binary Noise] C:\Users\ProMarkt\AppData\Roaming\7993F0.exe ()
O4 - HKCU..\Run: [EPSON SX100 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [EPSON SX100 Series (Kopie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATIEDE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Exetender] C:\Program Files\Free Ride Games\GPlayer.exe (Exent Technologies Ltd.)
O4 - HKCU..\Run: [SearchEngineProtection] C:\Program Files\GamesBar\SearchEngineProtection.exe (Oberon Media )
O4 - HKCU..\Run: [SkypeM] C:\Users\ProMarkt\AppData\Local\Skype\Skype.exe (Provtech Limited)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\ProMarkt\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} - Reg Error: Value error. File not found
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll ()
O9 - Extra 'Tools' menuitem : MyPlayCity Toolbar - {5FC86FB3-A8B1-400B-8BE7-0EAF0D857F5D} - C:\Program Files\MyPlayCity Toolbar\tbunswE4C.tmp\tbcore3.dll ()
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Jewel%20Quest%20Mysteries%20-%20Curse%20of%20the%20Emerald%20Tear/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Magician's%20Handbook%20-%20Cursed%20Valley/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} Download Games | Free Download Games at I-play Games (Oberon Flash Game Host)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C696D423-73DB-45AF-93DF-B60D64A84E33}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\gmx {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\GMX Toolbar\IE\uitb.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\datamngr.dll) - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\datamngr.dll (iMesh, Inc)
O20 - AppInit_DLLs: (C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\IEBHO.dll) - C:\Users\ProMarkt\Musik\IMESHA~1\MediaBar\Datamngr\IEBHO.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\ASUS\wallpapers\ASUS3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\ASUS\wallpapers\ASUS3.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{736601a3-c48a-11df-91da-90e6ba061ea6}\Shell\AutoRun\command - "" = F:\programs\nu2menu\nu2menu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX: {045BB1B4-243F-92D7-2768-CCED9B4BA607} - DirectX
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {11775326-DDFD-465E-9DF5-00EE8605E24D} - GMX Browser Add-on
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {65331F58-91DC-4555-AEFB-840EB40D0022} - GMX Update
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {92C927EC-AAB0-C8C0-A731-55438062590A} -
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C37126B4-F30C-FDFD-AFF2-0CCB1D4F8839} - Microsoft Windows Media Player
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX: >{D507B452-F6F2-477B-AFCF-C12FC21A2782} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

CREATERESTOREPOINT
Error creating restore point.

========== Files/Folders - Created Within 30 Days ==========

[2012.02.20 16:14:16 | 000,583,168 | ---- | C] (OldTimer Tools) -- C:\Users\ProMarkt\Desktop\OTL.exe
[2012.02.20 13:22:00 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Malwarebytes
[2012.02.20 13:21:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.20 13:21:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.20 13:21:52 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.02.20 13:21:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.02.20 12:43:08 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Desktop\mama filme
[2012.02.20 09:23:25 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{06E08FEB-F9D0-4C6B-86DB-EE04BEB1F083}
[2012.02.20 09:22:49 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{9A95A3FB-0E8B-4313-AFC7-1786623FA5B1}
[2012.02.19 22:16:01 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\SprillRichiGerman
[2012.02.19 22:15:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sprill & Ritchie Abenteuerliche Zeitreisen
[2012.02.19 22:14:05 | 000,000,000 | ---D | C] -- C:\Program Files\Sprill & Ritchie Abenteuerliche Zeitreisen
[2012.02.19 22:04:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elementals Der Magische Schlüssel
[2012.02.19 22:04:02 | 000,000,000 | ---D | C] -- C:\Program Files\Elementals Der Magische Schlüssel
[2012.02.19 20:09:52 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{CBB4D619-6001-439C-BB67-BEFD8C2D1E57}
[2012.02.19 20:09:17 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{31B75D80-6FA9-474C-9075-EBD864DCB9C7}
[2012.02.19 17:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb
[2012.02.19 17:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\1und1Softwareaktualisierung
[2012.02.19 17:34:13 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\1&1 Mail & Media GmbH
[2012.02.19 17:34:11 | 000,000,000 | ---D | C] -- C:\Program Files\GMX Toolbar
[2012.02.19 13:05:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Frogwares
[2012.02.19 12:31:58 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\AlderGames
[2012.02.19 10:43:32 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\TimeParadox
[2012.02.19 10:05:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals
[2012.02.19 08:08:44 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{80AEF285-8834-4CC5-9DE8-821973FACB33}
[2012.02.19 08:08:11 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{EE9E2CC6-BDBA-41FB-8911-98A44E02C590}
[2012.02.18 21:05:03 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\JaiboGames
[2012.02.18 20:37:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Absolutist
[2012.02.18 20:37:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Absolutist
[2012.02.18 19:50:32 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Sahmon Games
[2012.02.18 16:26:37 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{D7C1555B-132E-4E79-A017-E37408320DFA}
[2012.02.18 16:26:03 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{235AAB52-B5B1-4AF8-B96D-E842C4EF3905}
[2012.02.18 16:08:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Cateia Games
[2012.02.18 15:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\934bcbfe-35c5-4039-88e2-8d1494de198e
[2012.02.18 06:01:39 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\I-play
[2012.02.18 06:01:20 | 000,000,000 | ---D | C] -- C:\Program Files\Oberon Media SIDR
[2012.02.18 04:25:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{BB8C1D98-1E90-432D-A256-B73D4AAB682D}
[2012.02.18 04:25:00 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{3EDEA8D6-AD2A-4029-9BEE-DF640A676F8C}
[2012.02.18 04:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar
[2012.02.18 04:20:53 | 000,000,000 | ---D | C] -- C:\ProgramData\GamesBar
[2012.02.18 04:20:44 | 000,000,000 | ---D | C] -- C:\Program Files\GamesBar
[2012.02.17 20:45:47 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\TheLostKingdomProphecy
[2012.02.17 20:45:30 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Lost Kingdom Prophecy
[2012.02.17 20:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Lost Kingdom Prophecy
[2012.02.17 20:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\The Lost Kingdom Prophecy
[2012.02.17 20:33:19 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\BanzaiInteractive
[2012.02.17 20:33:19 | 000,000,000 | ---D | C] -- C:\ProgramData\BanzaiInteractive
[2012.02.17 20:32:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Clumsys 2 - Butterfly Effect
[2012.02.17 20:32:46 | 000,000,000 | ---D | C] -- C:\Program Files\The Clumsys 2 - Butterfly Effect
[2012.02.17 20:31:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ancient Secrets
[2012.02.17 20:31:45 | 000,000,000 | ---D | C] -- C:\Program Files\Ancient Secrets
[2012.02.17 19:53:25 | 000,000,000 | ---D | C] -- C:\Program Files\Magic Encyclopedia 2 Mondschein
[2012.02.17 16:24:30 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{71C7EEAC-BF91-4907-BBC3-A563B6D05967}
[2012.02.17 16:23:57 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{F2B444A1-9445-41C6-8B17-172C48C4A8AC}
[2012.02.17 14:50:13 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Orneon
[2012.02.17 14:43:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Meine Spiele
[2012.02.17 14:43:39 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\gemsweeperextractedgfx
[2012.02.17 14:43:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Documents\Meine Spiele
[2012.02.17 14:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\FarmFrenzy_Rome
[2012.02.17 04:23:28 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7DDFBC75-72A9-4A32-9C22-355DEDA415F8}
[2012.02.17 04:22:55 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{8BBCAFC6-A441-441A-994B-55828691DED6}
[2012.02.16 21:24:06 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\LogMeIn Hamachi
[2012.02.16 21:14:16 | 000,026,176 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\System32\hamachi.sys
[2012.02.16 21:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.02.16 21:14:10 | 000,000,000 | ---D | C] -- C:\Program Files\LogMeIn Hamachi
[2012.02.16 16:22:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{FFA1D6E0-7B01-4CB9-A24B-E954262DD2C4}
[2012.02.16 16:21:43 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{6E23B8C3-455A-40EE-88E0-2A46DCDE2E7A}
[2012.02.15 22:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Geheime Fälle Die gestohlene Venus
[2012.02.15 22:28:52 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Playrix Entertainment
[2012.02.15 15:14:50 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{B15F08F5-FECD-4891-8069-3952DB4CD910}
[2012.02.15 15:14:31 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{4C8DDA8B-BE6F-4FD3-A0B0-6EF37C675244}
[2012.02.15 00:52:31 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{C100873D-0FE4-4C55-9DE9-AF379642D061}
[2012.02.15 00:52:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{2DD21489-E014-41AA-80F3-292904E80307}
[2012.02.14 23:28:48 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\MumboJumbo
[2012.02.13 17:47:51 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1002
[2012.02.13 17:08:39 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\GameHouse
[2012.02.13 16:35:32 | 000,000,000 | ---D | C] -- C:\Program Files\GamingWonderland
[2012.02.13 16:34:15 | 000,000,000 | ---D | C] -- C:\Program Files\GamingWonderlandEI
[2012.02.13 16:33:57 | 000,000,000 | ---D | C] -- C:\ProgramData\20 days to find Amy
[2012.02.13 16:26:49 | 000,000,000 | ---D | C] -- C:\ProgramData\FreshGames
[2012.02.13 07:25:42 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5012C643-FEA1-4C99-8308-885D4876F9FA}
[2012.02.13 07:25:10 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{EF916465-00DB-4F71-9226-DD0DC17E08CE}
[2012.02.12 19:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Incredibar.com
[2012.02.12 15:27:46 | 000,000,000 | ---D | C] -- C:\ProgramData\TERMINAL Studio
[2012.02.12 14:22:36 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{A959CC99-D2C8-4805-9CDF-03285680BDB3}
[2012.02.12 14:22:10 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{D9A02749-05D6-4531-A022-FBF1FA525DA7}
[2012.02.11 22:01:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Deep Shadows
[2012.02.11 19:04:54 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\ElementalsTheMagicKey
[2012.02.11 11:22:36 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{427124AA-53F1-40C1-9046-9DA98D7259F7}
[2012.02.11 11:22:10 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{28E234F3-6D72-4F30-A82F-96C2BD001969}
[2012.02.10 20:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Meridian93
[2012.02.10 20:42:19 | 000,000,000 | ---D | C] -- C:\Program Files\MyPlayCity Toolbar
[2012.02.10 20:30:56 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5F3B5C97-ADDF-476C-AF74-2A8618A96239}
[2012.02.10 20:30:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{E00623D7-F44C-4AEB-9CD2-F3A974502414}
[2012.02.10 01:37:20 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5CFC722E-3948-4C99-9E4B-3DCCAE97F4BA}
[2012.02.10 01:36:58 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7F239678-DB51-4026-AFE6-64B998748F66}
[2012.02.09 19:55:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Astar Games
[2012.02.09 19:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\UAB
[2012.02.09 19:42:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\PC_Drivers_Headquarters
[2012.02.09 19:42:00 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2012.02.09 19:40:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Detective
[2012.02.09 19:40:40 | 000,000,000 | ---D | C] -- C:\Program Files\PC Drivers HeadQuarters
[2012.02.09 19:13:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\MissTeriTale3
[2012.02.09 12:45:31 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{60B1E8D0-BC75-4E9E-A534-1FEAB593320E}
[2012.02.09 12:45:08 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{58EDA5B4-10C2-4A0B-8988-CA5F0231CF3A}
[2012.02.09 00:28:01 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VLC
[2012.02.09 00:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\Vlcclassic
[2012.02.09 00:26:54 | 000,000,000 | ---D | C] -- C:\Program Files\BabylonToolbar
[2012.02.08 23:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\GAMEON
[2012.02.08 23:44:56 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\EnchantedCavern
[2012.02.08 23:43:57 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Exent Technologies
[2012.02.08 23:02:32 | 000,000,000 | ---D | C] -- C:\ProgramData\EscapeTheMuseum
[2012.02.08 22:07:37 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Anarchy
[2012.02.08 20:55:26 | 000,000,000 | ---D | C] -- C:\ProgramData\The Mirror Mysteries
[2012.02.08 20:24:21 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Documents\Green Gamer
[2012.02.08 20:22:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent-Spiele
[2012.02.08 20:21:38 | 000,000,000 | ---D | C] -- C:\Program Files\WildGames
[2012.02.08 20:17:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games
[2012.02.08 20:16:38 | 000,000,000 | ---D | C] -- C:\Program Files\WildTangent Games
[2012.02.08 20:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\WildTangent
[2012.02.08 19:49:26 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Gamers Digital
[2012.02.08 19:49:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Gamers Digital
[2012.02.08 19:32:11 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Ride Games
[2012.02.08 19:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Free Ride Games
[2012.02.08 19:31:46 | 000,000,000 | ---D | C] -- C:\Remote Programs
[2012.02.08 19:31:21 | 000,053,314 | ---- | C] (Exent Technologies Ltd.) -- C:\Windows\ExentInfo.exe
[2012.02.08 19:31:21 | 000,000,000 | ---D | C] -- C:\Program Files\Free Ride Games
[2012.02.08 19:23:32 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{C42C1BE5-3E6E-46F2-A29A-6FF51C8D586F}
[2012.02.08 19:23:19 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{983158F5-263E-4D27-B542-B0AE3A25E2C5}
[2012.02.07 15:31:26 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{E7F691EB-AAFA-4201-9B8A-490F5CF6C13D}
[2012.02.07 15:31:08 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7ECF17CC-407C-4925-B2BF-28CBCFB1934F}
[2012.02.06 13:01:36 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{1D55E09F-38DB-420B-A1B5-40B38AA77A8C}
[2012.02.05 10:23:29 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{5DAAFD8A-E80F-4474-8789-C99A2F0C3EE0}
[2012.02.04 16:36:42 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{515A6089-9675-42FB-A9E1-01EB81FC8C18}
[2012.02.01 21:21:30 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{D85FD3BD-1552-4A95-A82A-FD83C7FA6C6D}
[2012.02.01 21:21:07 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{6DC96AFD-E276-4EBE-86A0-F6185C98ADA8}
[2012.01.31 21:34:06 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Roaming\FairyTale
[2012.01.31 21:32:05 | 000,000,000 | ---D | C] -- C:\Program Files\Conduit
[2012.01.31 21:32:03 | 000,000,000 | ---D | C] -- C:\Program Files\jetztspielenob.de
[2012.01.31 20:01:38 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{1293461A-2CFE-41B4-8F33-5A4ADE0D3CD1}
[2012.01.31 20:01:16 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{F96C6EBE-B8CC-4E2C-A1AB-9919481F3B29}
[2012.01.30 14:00:14 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{E3210B31-AFBA-4DF1-8FFA-4D5CF9BE2537}
[2012.01.30 13:59:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{EDEC5CBF-E58B-4597-88E8-4D6D76C14BAF}
[2012.01.29 11:57:33 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\Desktop\MAMA spiele
[2012.01.27 13:48:56 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{336317F9-66AF-4DC2-A77A-10418222093B}
[2012.01.27 13:48:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{B92669F0-F649-4A83-A555-6DD5E5EF5EC6}
[2012.01.25 15:44:34 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{B3F65651-7C5C-433F-952C-2EC49A479D08}
[2012.01.25 15:44:22 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{A1F1D5CC-60E0-4579-BA64-D51E75995E0C}
[2012.01.23 21:50:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.01.23 21:50:38 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012.01.23 18:03:01 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{08E3915A-FDF0-4413-9C16-AF8EF0DE24DB}
[2012.01.23 14:08:53 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{ED1A674B-035F-4500-A2AB-D0B63D1928D7}
[2012.01.22 11:42:21 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{FA2C414B-E9B1-4AE7-B8EE-15E9DF27581A}
[2012.01.22 11:41:59 | 000,000,000 | ---D | C] -- C:\Users\ProMarkt\AppData\Local\{7A92DDBD-4C08-47F7-B6A6-3AC3F83BC8DB}
[2010.02.19 19:43:47 | 000,000,010 | ---- | C] () -- C:\Users\ProMarkt\AppData\Roaming\hhxprot5
[2010.02.13 21:37:50 | 000,103,936 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.26 20:20:12 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2009.12.20 13:48:41 | 001,185,008 | ---- | C] () -- C:\Users\ProMarkt\AppData\Roaming\UserTile.png
[2009.12.20 13:43:38 | 000,000,680 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\d3d9caps.dat
[2009.12.16 17:42:38 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.12.11 17:10:04 | 000,003,362 | ---- | C] () -- C:\Users\ProMarkt\AppData\Roaming\wklnhst.dat
[2009.12.05 20:50:20 | 000,077,921 | -HS- | C] () -- C:\Users\ProMarkt\AppData\Roaming\7993F0.exe
[2009.12.02 15:19:39 | 000,115,544 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\GDIPFONTCACHEV1.DAT
[2008.10.14 22:57:58 | 000,106,496 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 16:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.02.20 16:14:17 | 000,583,168 | ---- | M] (OldTimer Tools) -- C:\Users\ProMarkt\Desktop\OTL.exe
[2012.02.20 15:49:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.20 15:39:59 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2012.02.20 15:39:33 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.20 15:38:58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.20 15:38:58 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.20 15:23:17 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.20 13:21:54 | 000,000,913 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.20 13:14:37 | 000,103,936 | ---- | M] () -- C:\Users\ProMarkt\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.20 03:57:07 | 000,000,442 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for ProMarkt.job
[2012.02.19 17:34:13 | 000,002,032 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Amazon.lnk
[2012.02.19 17:34:13 | 000,002,026 | ---- | M] () -- C:\Users\ProMarkt\Desktop\GMX.lnk
[2012.02.19 17:34:13 | 000,002,024 | ---- | M] () -- C:\Users\ProMarkt\Desktop\eBay.lnk
[2012.02.19 14:17:45 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\GAME CENTER.lnk
[2012.02.19 12:58:41 | 000,001,133 | ---- | M] () -- C:\Users\Public\Desktop\Die Wiege Ägyptens.lnk
[2012.02.19 12:58:06 | 000,000,680 | ---- | M] () -- C:\Users\ProMarkt\AppData\Local\d3d9caps.dat
[2012.02.19 12:47:17 | 000,000,199 | ---- | M] () -- C:\Users\Public\Desktop\Play More Great Games!.url
[2012.02.19 12:31:23 | 000,001,158 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Yahoo! Spiele.lnk
[2012.02.18 13:04:13 | 000,001,863 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Continue SweetIM Installation.lnk
[2012.02.18 04:20:41 | 000,001,152 | ---- | M] () -- C:\Users\ProMarkt\Desktop\iPlay Games.lnk
[2012.02.17 20:35:09 | 000,001,931 | ---- | M] () -- C:\Users\ProMarkt\Desktop\MyPlayCity Games.lnk
[2012.02.16 23:41:08 | 000,001,217 | ---- | M] () -- C:\Users\Public\Desktop\Das Vermächtnis der Insel 2.lnk
[2012.02.16 17:10:01 | 000,422,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.02.16 16:28:54 | 000,637,068 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.02.16 16:28:54 | 000,604,322 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.02.16 16:28:54 | 000,107,460 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.02.16 16:28:53 | 000,129,844 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.02.13 17:47:44 | 000,000,194 | ---- | M] () -- C:\Users\Public\Desktop\Weitere tolle Spiele!.url
[2012.02.12 19:39:48 | 000,001,060 | ---- | M] () -- C:\Users\ProMarkt\Desktop\VLC.lnk
[2012.02.12 19:38:02 | 000,000,506 | ---- | M] () -- C:\user.js
[2012.02.12 14:37:57 | 000,001,165 | ---- | M] () -- C:\Users\Public\Desktop\Cross Stitch Designer v4.lnk
[2012.02.11 20:25:10 | 000,001,021 | ---- | M] () -- C:\Users\Public\Desktop\Bejeweled 3.lnk
[2012.02.10 20:42:53 | 000,001,966 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Jewel Quest II.lnk
[2012.02.09 00:26:46 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Babylon.lnk
[2012.01.31 21:49:21 | 000,001,146 | ---- | M] () -- C:\Users\ProMarkt\Desktop\Jetztspielen.de.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.02.20 13:21:54 | 000,000,913 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.19 17:34:13 | 000,002,032 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Amazon.lnk
[2012.02.19 17:34:13 | 000,002,026 | ---- | C] () -- C:\Users\ProMarkt\Desktop\GMX.lnk
[2012.02.19 17:34:13 | 000,002,024 | ---- | C] () -- C:\Users\ProMarkt\Desktop\eBay.lnk
[2012.02.19 12:57:22 | 000,001,133 | ---- | C] () -- C:\Users\Public\Desktop\Die Wiege Ägyptens.lnk
[2012.02.19 12:47:17 | 000,000,199 | ---- | C] () -- C:\Users\Public\Desktop\Play More Great Games!.url
[2012.02.18 04:20:41 | 000,001,152 | ---- | C] () -- C:\Users\ProMarkt\Desktop\iPlay Games.lnk
[2012.02.16 23:59:51 | 000,001,158 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Yahoo! Spiele.lnk
[2012.02.16 23:41:08 | 000,001,217 | ---- | C] () -- C:\Users\Public\Desktop\Das Vermächtnis der Insel 2.lnk
[2012.02.12 19:39:48 | 000,001,060 | ---- | C] () -- C:\Users\ProMarkt\Desktop\VLC.lnk
[2012.02.12 14:36:37 | 000,001,165 | ---- | C] () -- C:\Users\Public\Desktop\Cross Stitch Designer v4.lnk
[2012.02.11 20:25:10 | 000,001,021 | ---- | C] () -- C:\Users\Public\Desktop\Bejeweled 3.lnk
[2012.02.10 20:42:53 | 000,001,966 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Jewel Quest II.lnk
[2012.02.10 20:41:52 | 000,001,931 | ---- | C] () -- C:\Users\ProMarkt\Desktop\MyPlayCity Games.lnk
[2012.02.10 20:36:32 | 000,001,863 | ---- | C] () -- C:\Users\ProMarkt\Desktop\Continue SweetIM Installation.lnk
[2012.02.09 00:26:55 | 000,000,506 | ---- | C] () -- C:\user.js
[2012.01.15 00:52:59 | 000,000,000 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\{87C5DD2F-19FD-4DE8-ABEC-E0AB347F9F07}
[2011.12.16 08:51:41 | 000,037,336 | ---- | C] () -- C:\Windows\System32\CleanMFT32.exe
[2011.12.10 04:00:34 | 001,431,120 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1.dll
[2011.01.13 20:38:18 | 000,233,481 | ---- | C] () -- C:\Windows\hpoins47.dat
[2010.12.16 17:39:02 | 000,000,552 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\d3d8caps.dat
[2010.11.19 18:50:46 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.11.13 20:24:19 | 000,000,195 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010.04.01 00:39:01 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl47.dat
[2010.03.26 21:58:46 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.19 12:39:43 | 000,819,200 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.03.19 12:39:43 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.02.21 14:50:30 | 000,015,602 | ---- | C] () -- C:\Windows\System32\SELF32.INI
[2010.02.20 22:37:49 | 000,017,408 | ---- | C] () -- C:\Users\ProMarkt\AppData\Local\WebpageIcons.db

========== LOP Check ==========

[2012.02.16 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\.minecraft
[2012.02.19 17:34:13 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\1&1 Mail & Media GmbH
[2010.02.19 19:43:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\10-Sekunden-Haushaltsbuch
[2011.07.24 05:56:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\2monkeys
[2009.12.05 21:48:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\7Wonders
[2012.02.19 10:06:21 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\A Gypsy's Tale - Der Turm des Schicksals
[2012.02.18 20:37:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Absolutist
[2011.05.07 23:58:17 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Alawar
[2012.02.15 00:29:24 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Alawar Entertainment
[2012.02.19 12:31:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\AlderGames
[2011.05.08 01:17:33 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\aliasworlds
[2010.10.30 18:39:45 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Alle meine Adressen
[2010.12.23 08:52:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\alot
[2011.05.01 19:54:26 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Anabel
[2012.02.08 22:07:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Anarchy
[2011.05.31 21:04:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Ancient Quest of Saqqarah_alawar
[2011.07.12 19:32:55 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Arkadium
[2011.05.27 19:59:55 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Artifex Mundi
[2010.11.01 21:43:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Artogon
[2010.12.23 19:17:59 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Ashampoo
[2010.05.25 20:30:45 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Avery
[2012.02.18 17:40:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Awem
[2011.04.16 04:12:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Azuaz Games
[2011.04.14 21:25:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Babylon
[2012.02.17 20:33:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\BanzaiInteractive
[2010.10.26 19:40:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Big Fish Games
[2010.12.30 14:26:57 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Buhl Data Service GmbH
[2009.12.24 19:19:29 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\BVS Solitaire Collection
[2010.12.30 20:54:16 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\cerasus.media
[2012.02.11 22:01:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Deep Shadows
[2010.10.31 21:03:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Dragon Altar Games
[2011.09.21 21:42:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\DVDVideoSoft
[2011.05.22 20:53:16 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.09.11 22:00:57 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\EleFun Games
[2012.02.15 22:23:43 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\ElementalsTheMagicKey
[2012.02.09 00:37:54 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\EnchantedCavern
[2010.05.25 19:40:02 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\EPSON
[2012.02.08 23:43:57 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Exent Technologies
[2012.01.31 21:34:06 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\FairyTale
[2011.07.24 04:47:56 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Flood Light Games
[2011.06.26 09:25:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Floodlight Games
[2011.05.31 19:51:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\FloodLightGames
[2010.04.16 12:18:00 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\FOG Downloader
[2011.06.21 19:51:27 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Friday's games
[2012.02.19 13:05:33 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Frogwares
[2010.11.12 21:41:49 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Gaijin Ent
[2012.02.13 17:08:39 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\GameHouse
[2012.02.08 19:49:26 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Gamers Digital
[2011.01.20 20:57:25 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Games
[2012.02.17 14:44:39 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\gemsweeperextractedgfx
[2010.01.10 18:46:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\GMX
[2012.02.09 14:04:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Gogii
[2011.12.01 18:20:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\GTM_Bodie
[2010.12.25 23:52:56 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\HdO Adventure
[2010.12.16 18:35:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\HitPoint Studios
[2010.12.12 14:49:54 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\ICQ
[2010.10.25 18:55:44 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Intenium
[2011.06.07 03:44:41 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\IObit
[2010.11.01 20:40:58 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\iWin
[2012.02.18 21:05:03 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\JaiboGames
[2012.02.17 14:38:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Jewel Match 3
[2010.01.23 17:50:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\KfzKostenSenken
[2010.10.23 19:56:09 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Lazy Turtle Games
[2011.05.27 16:57:49 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Legends of pirates
[2010.03.18 20:56:31 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Magic Academy
[2011.04.16 05:18:11 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Magic Academy 2
[2011.12.29 20:35:10 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MagicIndie
[2011.03.13 21:26:32 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MAI
[2011.12.31 18:57:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\md studio
[2012.02.10 20:44:29 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Meridian93
[2010.12.23 19:55:20 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Merscom
[2012.02.09 19:14:27 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MissTeriTale3
[2012.02.14 23:28:48 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\MumboJumbo
[2011.06.14 00:02:15 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Mystery of Mortlake Mansion
[2010.03.08 20:18:32 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Nokia
[2010.03.08 20:18:33 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Nokia Ovi Suite
[2012.02.18 06:01:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Oberon Media
[2011.06.18 14:21:30 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Oberonv1002
[2009.12.23 16:26:14 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\OpenOffice.org
[2009.12.04 19:32:12 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Opera
[2012.02.17 14:50:13 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Orneon
[2010.03.08 20:16:31 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PC Suite
[2010.12.02 17:28:10 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PeaceCraft2
[2009.12.20 13:48:41 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PeerNetworking
[2011.06.07 02:37:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Phantasmat_intenium_se
[2010.12.24 19:26:37 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Pirateville
[2011.07.09 20:00:29 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PlayFirst
[2011.07.09 20:18:22 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PlayPond
[2012.02.15 22:28:52 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Playrix Entertainment
[2011.05.31 20:52:22 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PoBros
[2012.02.13 17:47:51 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1002
[2010.11.06 08:19:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1003
[2010.11.05 19:47:15 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PopCapv1006
[2010.12.23 08:53:02 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\PriceGong
[2011.05.27 17:13:51 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Princess Isabella
[2010.11.19 23:30:53 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\rondomedia
[2012.02.18 19:50:32 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Sahmon Games
[2009.12.26 20:23:06 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Samsung
[2010.10.29 17:33:11 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SecretIslandDeuBF
[2011.12.25 21:48:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Silverback Productions
[2010.10.23 20:11:55 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Sky Bros
[2010.11.01 20:31:39 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SpinTop
[2012.02.19 12:48:36 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SpinTop Games
[2011.05.31 21:29:08 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SprillBermudeEng
[2012.02.19 22:17:07 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SprillRichiGerman
[2010.10.10 19:06:04 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\SultansLabyrinth
[2009.12.11 17:13:43 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Template
[2011.06.26 17:07:44 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TFS2
[2010.10.26 18:37:04 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TikisLab
[2011.06.26 09:41:11 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TOMI3
[2011.07.28 21:41:35 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Top Evidence
[2011.07.09 01:31:26 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Total Eclipse
[2012.01.28 21:47:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\TS3Client
[2010.11.19 18:51:27 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Twintale Entertainment
[2010.12.29 17:06:34 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Uniblue
[2010.12.02 19:36:25 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\URSE Games
[2010.12.27 23:03:38 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\V-Games
[2010.10.24 21:27:00 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\VampireSaga
[2010.12.29 22:36:47 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Vast Studios
[2012.01.21 02:01:28 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\wargaming.net
[2011.07.14 02:00:16 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Windows Live Writer
[2011.07.06 21:50:50 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\World-Loom
[2011.03.13 21:48:19 | 000,000,000 | ---D | M] -- C:\Users\ProMarkt\AppData\Roaming\Zylom
[2012.02.20 13:11:12 | 000,032,610 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========

========== Custom Scans ==========

< %SYSTEMDRIVE%\*. >
[2009.12.02 15:34:13 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.03.06 11:41:45 | 000,000,000 | ---D | M] -- C:\AbaEnglishCourse
[2010.11.05 14:57:22 | 000,000,000 | -H-D | M] -- C:\ASUS.DAT
[2011.06.26 09:14:56 | 000,000,000 | ---D | M] -- C:\BigFishGamesCache
[2009.12.27 12:42:10 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.02.19 17:34:11 | 000,000,000 | -H-D | M] -- C:\Config.Msi
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.11.16 23:15:31 | 000,000,000 | ---D | M] -- C:\DVDVideoSoft
[2012.01.21 01:25:00 | 000,000,000 | ---D | M] -- C:\Games
[2009.08.22 02:23:56 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2010.10.09 20:07:00 | 000,000,000 | ---D | M] -- C:\Nexon
[2008.01.21 03:32:31 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.02.20 15:20:59 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.02.20 13:21:53 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.02.08 19:31:46 | 000,000,000 | ---D | M] -- C:\Remote Programs
[2010.03.04 20:46:05 | 000,000,000 | ---D | M] -- C:\Softwarenetz
[2010.01.02 19:10:02 | 000,000,000 | ---D | M] -- C:\SPIELE
[2012.02.19 19:37:28 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.12.02 15:18:53 | 000,000,000 | R--D | M] -- C:\Users
[2012.02.20 13:12:36 | 000,000,000 | ---D | M] -- C:\Windows
[2012.02.19 10:40:23 | 000,000,000 | ---D | M] -- C:\Zylom Games

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< MD5 for: AGP440.SYS >
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 03:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys

< MD5 for: AHCIX86S.SYS >
[2008.05.27 21:55:53 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\drivers\ahcix86s.sys
[2008.05.27 21:55:53 | 000,173,576 | ---- | M] (AMD Technologies Inc.) MD5=FBE4016F9EF3AB3DB547E40A936B6CD9 -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_c617648e\ahcix86s.sys

< MD5 for: ATAPI.SYS >
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 07:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 03:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.02.22 05:59:12 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=76D70915EB81608DC6ACA87887FAB38F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22120_none_ddac250d3ab7a648\atapi.sys
[2008.02.22 06:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_3d9c5057\atapi.sys
[2008.02.22 06:03:50 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=92210921EEFC081693F649C3631DEEC2 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18023_none_dd25892021975283\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

< MD5 for: EXPLORER.EXE >
[2009.08.22 02:47:35 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2009.08.22 02:47:34 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2009.08.22 02:47:34 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2009.08.22 02:47:35 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 03:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe

< MD5 for: IASTORV.SYS >
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 03:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys

< MD5 for: SCECLI.DLL >
[2008.01.21 03:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll

< MD5 for: USER32.DLL >
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\System32\user32.dll
[2009.04.11 07:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 03:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll

< MD5 for: USERINIT.EXE >
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 03:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

< MD5 for: WINLOGON.EXE >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 03:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

< MD5 for: WS2IFSL.SYS >
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 03:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >
[2008.01.21 04:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 04:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 04:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 11:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 11:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV

< %systemroot%\system32\*.dll /lockedfiles >

< %USERPROFILE%\*.* >
[2011.03.19 10:04:09 | 000,068,629 | ---- | M] () -- C:\Users\ProMarkt\Crazy Factory Piercing - Brustwarzenpiercings.htm
[2012.02.20 16:16:31 | 004,194,304 | -HS- | M] () -- C:\Users\ProMarkt\ntuser.dat
[2012.02.20 16:16:31 | 000,262,144 | -H-- | M] () -- C:\Users\ProMarkt\ntuser.dat.LOG1
[2009.12.02 15:18:54 | 000,000,000 | -H-- | M] () -- C:\Users\ProMarkt\ntuser.dat.LOG2
[2012.02.20 15:38:03 | 000,065,536 | -HS- | M] () -- C:\Users\ProMarkt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2012.02.20 15:38:03 | 000,524,288 | -HS- | M] () -- C:\Users\ProMarkt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2009.12.02 15:36:10 | 000,524,288 | -HS- | M] () -- C:\Users\ProMarkt\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000002.regtrans-ms
[2009.12.02 15:18:54 | 000,000,020 | -HS- | M] () -- C:\Users\ProMarkt\ntuser.ini

< %USERPROFILE%\Local Settings\Temp\*.exe >

< %USERPROFILE%\Local Settings\Temp\*.dll >

< %USERPROFILE%\Application Data\*.exe >

< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 177 bytes -> C:\ProgramData\Temp:58600DC1
@Alternate Data Stream - 155 bytes -> C:\ProgramData\Temp:26B7B9EA
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:8AB6C1D7
@Alternate Data Stream - 152 bytes -> C:\ProgramData\Temp:23CB5E78
@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:CF2C26D2
@Alternate Data Stream - 151 bytes -> C:\ProgramData\Temp:2A8CD561
@Alternate Data Stream - 149 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 148 bytes -> C:\ProgramData\Temp:85649C7B
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:DB051353
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:ABD3B354
@Alternate Data Stream - 147 bytes -> C:\ProgramData\Temp:23B8DEE6
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:F74B380E
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:A9D9351A
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:9E22BBE8
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:580E04D8

und der bittere Rest. ich hofe, das es jetzt richtig ist...

@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:0D31DA45
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:F1FE38D7
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:A3642ED6
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:8F7ECF6A
@Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:46545F5C
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:91CF76E3
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:E35A81F4
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:2FAFBD6A
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:1198CD34
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:072B9E55
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:5690D76E
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:52FE3CCD
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:B894C266
@Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0E660858
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:62197B73
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:D93DCF15
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:B54E4B5A
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:891A7A73
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:4C8FA829
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:BE1DA945
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:DB8C1C95
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:6499508E
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:4A448DB2
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:DAFAF1BF
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:5AC256BC
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:43ABA97D
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:F4BE8180
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:26140299
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:24DC7949
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:8F925134
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:6C491D31
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:4220A65C
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:1BFEE019
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:E9CB5ECC
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:CA0CE093
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:2A0E0B9F
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:1316EAD4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:D3A89E47
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:FC420CE6
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:F6424B89
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:3DD2AE2E
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:C24B973A
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:51F17BB8
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:0E22C5DB
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:3FBB88CF
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:D8A9F240
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:3086B95F
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:1E3397DC
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:FAFEC4B9
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:C8E82994
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:B2735F9E
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:409A775B
@Alternate Data Stream - 109 bytes -> C:\ProgramData\Temp:0ED4AC2F
@Alternate Data Stream - 106 bytes -> C:\ProgramData\Temp:3E06C78F
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:95198126
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:330E66BD
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:D650D56C

< End of report >0

hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.

• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

Code:

:OTL

O4 - HKCU..\Run: [SkypeM] C:\Users\ProMarkt\AppData\Local\Skype\Skype.exe (Provtech Limited)

O4 - HKCU..\Run: [Binary Noise] C:\Users\ProMarkt\AppData\Roaming\7993F0.exe ()

 :Files

C:\Users\ProMarkt\AppData\Local\Skype\Skype.exe

C:\Users\ProMarkt\AppData\Roaming\7993F0.exe

:Commands

[purity]

[EMPTYFLASH] 

[emptytemp]

[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!

Drücke bitte die http://larusso.trojaner-board.de/Images/windows.jpg + E Taste.

Öffne dein Systemlaufwerk ( meistens C: )
Suche nun
folgenden Ordner: _OTL und öffne diesen.
Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner
Dies wird eine Movedfiles.zip Datei in _OTL erstellen
Lade diese bitte in unseren Uploadchannel
hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )

Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus :)

es hat sich nach dem neustart leider kein textdokument geöffnet.es war auch auf dem desktop keines sichtbar. ich fahre einfach weiter ort...

der upload hat problemlos geklappt.... soweit kommt auch im normalen modus keine meldung mehr. heisst das etwa, dass jetzt wieder alles okay ist?!

vielen lieben dank an dich...alleine wäre ich untergegangen und im pc-laden abgezogen worden.... vielen dank auch ür deine geduld!:dankeschoen:

hi,
danke dir für den upload.
wir müssen noch weiter suchen, und sicherheitslücken schließen, deswegen, bis wir fertig sind, nicht im netz surfen, außer auf von mir benannten seiten.

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Bitte downloade dir Combofix.exe und speichere es unbedingt auf deinem Desktop.[list][*] Besuche folgende Seite für Downloadlinks und Anweisungen für dieses
Tool

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
[*] Hinweis:
Gehe sicher das all deine Anti Virus und Anti Malware Programme abgeschalten sind, damit diese Combofix nicht bei der Arbeit stören.